URL: http://zdorovia.com.ua/
Submission: On June 18 via api from GB — Scanned from GB

Summary

This website contacted 105 IPs in 17 countries across 109 domains to perform 612 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a03:90c0:41:... 199524 (GCORE)
2 104.18.2.81 13335 (CLOUDFLAR...)
2 4 88.212.202.52 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
5 27 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 146.0.227.107 29066 (VELIANET-...)
1 19 146.0.227.109 20773 (GODADDY)
5 77.123.132.26 35680 (VOLIA)
1 2 37.157.6.245 198622 (ADFORM)
6 51.89.9.252 16276 (OVH)
1 4 5.178.65.245 50673 (SERVERIUS-AS)
7 9 2.20.157.55 16625 (AKAMAI-AS)
11 11 35.157.1.22 16509 (AMAZON-02)
4 34.98.67.61 15169 (GOOGLE)
3 216.52.2.19 29791 (VOXEL-DOT...)
1 3 194.247.175.19 196831 (BEMOBILE-AS)
3 3 199.115.119.227 30633 (LEASEWEB-...)
2 2 54.229.65.185 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
3 3 188.42.191.196 7979 (SERVERS-COM)
1 183.110.238.136 4766 (KIXS-AS-K...)
4 4 185.64.190.79 62713 (AS-PUBMATIC)
13 34 142.250.184.226 15169 (GOOGLE)
1 7 104.36.113.107 62713 (AS-PUBMATIC)
1 3.216.198.78 14618 (AMAZON-AES)
5 2a0c:5c81:513... 55081 (24SHELLS)
2 8.2.110.114 46636 (NATCOWEB)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
1 2 144.76.118.233 24940 (HETZNER-AS)
3 3 18.156.0.31 16509 (AMAZON-02)
2 8.2.110.206 46636 (NATCOWEB)
2 193.200.65.6 6681 (GIVEME-CLOUD)
1 6 198.47.127.20 3257 (GTT-BACKB...)
3 66.155.71.149 13768 (COGECO-PEER1)
3 9 35.186.253.211 15169 (GOOGLE)
6 15 18.210.31.151 14618 (AMAZON-AES)
6 5.178.65.253 50673 (SERVERIUS-AS)
9 11 37.252.173.62 29990 (ASN-APPNEX)
6 46.249.52.248 50673 (SERVERIUS-AS)
4 4 104.92.74.8 16625 (AKAMAI-AS)
8 23.205.235.133 16625 (AKAMAI-AS)
6 104.102.28.254 20940 (AKAMAI-ASN1)
3 205.234.175.175 30081 (CACHENETW...)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
63 2a00:1450:400... 15169 (GOOGLE)
2 3 35.227.248.159 15169 (GOOGLE)
4 6 37.157.6.241 198622 (ADFORM)
5 35.71.131.137 16509 (AMAZON-02)
1 2 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
4 9 192.82.242.209 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.241.232.111 16509 (AMAZON-02)
2 3 18.198.126.47 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
2 2 185.86.137.131 201081 (SMARTADSE...)
2 7 52.208.103.128 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 3 54.76.93.140 16509 (AMAZON-02)
2 54.76.64.233 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
3 3 151.101.194.49 54113 (FASTLY)
1 143.204.89.56 16509 (AMAZON-02)
1 1 3.81.232.90 14618 (AMAZON-AES)
1 2 54.239.37.45 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
3 3 99.80.238.5 16509 (AMAZON-02)
1 67.202.105.32 32748 (STEADFAST)
2 17 62.149.0.72 15497 (COLOCALL ...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 54.72.207.25 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
5 69.173.144.138 26667 (RUBICONPR...)
1 1 37.157.6.247 198622 (ADFORM)
6 52.222.139.112 16509 (AMAZON-02)
3 51.15.145.115 12876 (Online SAS)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 172.217.18.2 15169 (GOOGLE)
3 4 69.173.144.139 26667 (RUBICONPR...)
44 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 3.120.214.218 16509 (AMAZON-02)
2 8 52.30.64.95 16509 (AMAZON-02)
16 185.64.189.110 62713 (AS-PUBMATIC)
2 3 52.50.170.21 16509 (AMAZON-02)
2 2 185.29.132.245 30419 (MEDIAMATH...)
1 173.231.181.122 29791 (VOXEL-DOT...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 154.59.122.79 174 (COGENT-174)
2 2 52.59.94.57 16509 (AMAZON-02)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 104.89.45.32 16625 (AKAMAI-AS)
1 38.27.122.101 174 (COGENT-174)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 54.210.33.215 14618 (AMAZON-AES)
1 151.101.193.44 54113 (FASTLY)
2 3 35.244.174.68 15169 (GOOGLE)
2 3 169.50.137.182 36351 (SOFTLAYER)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.80.163.3 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 66.155.71.25 13768 (COGECO-PEER1)
1 1 51.68.39.188 16276 (OVH)
4 4 2620:116:800d... 16509 (AMAZON-02)
1 1 38.67.14.233 174 (COGENT-174)
1 1 34.102.253.54 15169 (GOOGLE)
1 1 37.252.172.250 29990 (ASN-APPNEX)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
6 2600:9000:236... 16509 (AMAZON-02)
38 34.208.170.188 16509 (AMAZON-02)
2 142.250.185.70 15169 (GOOGLE)
4 142.250.74.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 3.68.169.133 16509 (AMAZON-02)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 2 54.145.48.80 14618 (AMAZON-AES)
2 2 172.105.203.31 63949 (LINODE-AP...)
5 5 141.94.171.216 16276 (OVH)
3 3 35.201.96.126 15169 (GOOGLE)
2 104.36.113.68 62713 (AS-PUBMATIC)
2 4 77.243.60.138 42697 (NETIC-AS)
2 52.201.183.195 14618 (AMAZON-AES)
2 52.18.233.6 16509 (AMAZON-02)
1 2 52.208.25.247 16509 (AMAZON-02)
612 105
Apex Domain
Subdomains
Transfer
107 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
2 MB
58 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
ad.doubleclick.net — Cisco Umbrella Rank: 203
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283
197 KB
53 zdorovia.com.ua
zdorovia.com.ua
1 MB
52 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 791
pixel.adsafeprotected.com — Cisco Umbrella Rank: 548
static.adsafeprotected.com — Cisco Umbrella Rank: 532
dt.adsafeprotected.com — Cisco Umbrella Rank: 475
384 KB
50 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 627
image2.pubmatic.com — Cisco Umbrella Rank: 1024
image4.pubmatic.com — Cisco Umbrella Rank: 993
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 652
simage2.pubmatic.com — Cisco Umbrella Rank: 635
simage4.pubmatic.com — Cisco Umbrella Rank: 1230
aud.pubmatic.com — Cisco Umbrella Rank: 5811
61 KB
32 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 7545
file.adpartner.pro — Cisco Umbrella Rank: 271623
61 KB
31 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 46134
inv-nets.admixer.net — Cisco Umbrella Rank: 2737
207 KB
21 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1193
eus.rubiconproject.com — Cisco Umbrella Rank: 601
token.rubiconproject.com — Cisco Umbrella Rank: 762
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2555
pixel.rubiconproject.com — Cisco Umbrella Rank: 358
45 KB
19 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5267
s.e-planning.net — Cisco Umbrella Rank: 7767
u-ams02.e-planning.net — Cisco Umbrella Rank: 70360
i.e-planning.net — Cisco Umbrella Rank: 7818
10 KB
19 google.com
www.google.com — Cisco Umbrella Rank: 9
adservice.google.com — Cisco Umbrella Rank: 92
5 KB
16 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1801
mwzeom.zeotap.com — Cisco Umbrella Rank: 1437
5 KB
15 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2549
19 KB
14 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5024
sync.adtelligent.com — Cisco Umbrella Rank: 4133
7 KB
13 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 886
tags.crwdcntrl.net — Cisco Umbrella Rank: 1435
sync.crwdcntrl.net — Cisco Umbrella Rank: 761
48 KB
13 go2net.com.ua
scripts.go2net.com.ua
ads.go2net.com.ua — Cisco Umbrella Rank: 275818
173 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 247
secure.adnxs.com — Cisco Umbrella Rank: 435
10 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1652
us-u.openx.net — Cisco Umbrella Rank: 402
1 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
6 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
271 KB
9 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
8 KB
9 adform.net
adx.adform.net — Cisco Umbrella Rank: 4033
dmp.adform.net — Cisco Umbrella Rank: 4948
cm.adform.net — Cisco Umbrella Rank: 1757
c1.adform.net — Cisco Umbrella Rank: 613
5 KB
7 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1079
5 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
104 KB
7 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 459
d.agkn.com — Cisco Umbrella Rank: 551
4 KB
7 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2724
adservice.google.co.uk — Cisco Umbrella Rank: 4465
2 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 4296
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 4680
2 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 813
5 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3946
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
1 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 308
cms.analytics.yahoo.com — Cisco Umbrella Rank: 963
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 512
3 KB
4 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1201
2 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 461
cms.quantserve.com — Cisco Umbrella Rank: 1132
2 KB
4 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3587
pixel-sync.sitescout.com — Cisco Umbrella Rank: 638
764 B
4 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1030
584 B
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 8319
3 KB
3 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 5304
646 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 557
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 969
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 344
id.rlcdn.com — Cisco Umbrella Rank: 657
616 B
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 531
2 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
1 KB
3 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7419
2 KB
3 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 52890
642 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 687
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 468
usermatch.krxd.net — Cisco Umbrella Rank: 1325
942 B
3 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8220
loada.exelator.com — Cisco Umbrella Rank: 21780
2 KB
3 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 698
match.taboola.com — Cisco Umbrella Rank: 2536
608 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 452
768 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 710
921 B
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2229
2 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 4632
1 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 104250
643 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
831 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
37 KB
3 nashamama.com
nashamama.com
40 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 329
fonts.googleapis.com — Cisco Umbrella Rank: 67
87 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2968
643 B
2 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1258
417 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1261
69 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2561
789 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 944
1 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2000
1 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 265
95 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1069
344 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1115
476 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 844
s.tribalfusion.com — Cisco Umbrella Rank: 2502
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1010
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 464
1 KB
2 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 1982
707 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 651
656 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 994
764 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1227
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1545
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 36650
682 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 212
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1171
752 B
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 96008
702 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 15022
1020 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 18763
543 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5481
258 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5589
746 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3209
888 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 129697
i.bigmir.net — Cisco Umbrella Rank: 256825
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 100
53 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 485643
r.i.ua — Cisco Umbrella Rank: 158553
4 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4560
465 B
1 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6297
697 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3529
482 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3974
104 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1146
522 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 836
518 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1497
220 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4526
348 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2208
114 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1367
674 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1027
44 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 750
363 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1610
408 B
1 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 3612
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4245
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 509
225 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 70803
206 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1990
359 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1725
596 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 14191
411 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 8669
280 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 6715
904 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 555
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
9 KB
612 109
Domain Requested by
63 pagead2.googlesyndication.com cdn.admixer.net
file.adpartner.pro
pagead2.googlesyndication.com
zdorovia.com.ua
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
53 zdorovia.com.ua zdorovia.com.ua
44 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
38 dt.adsafeprotected.com googleads.g.doubleclick.net
34 cm.g.doubleclick.net 13 redirects spl.zeotap.com
googleads.g.doubleclick.net
zdorovia.com.ua
27 a4p.adpartner.pro 5 redirects zdorovia.com.ua
a4p.adpartner.pro
19 inv-nets.admixer.net 1 redirects cdn.admixer.net
zdorovia.com.ua
ads.us.e-planning.net
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 simage2.pubmatic.com ads.pubmatic.com
15 a.audrte.com 6 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
s.adtelligent.com
13 mwzeom.zeotap.com spl.zeotap.com
13 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
12 sync.adtelligent.com 1 redirects s.adtelligent.com
ads.us.e-planning.net
ads.pubmatic.com
12 cdn.admixer.net zdorovia.com.ua
cdn.admixer.net
scripts.go2net.com.ua
11 ib.adnxs.com 9 redirects spl.zeotap.com
googleads.g.doubleclick.net
11 x.bidswitch.net 11 redirects
10 ads.go2net.com.ua cdn.admixer.net
zdorovia.com.ua
9 www.googletagservices.com googleads.g.doubleclick.net
fw.adsafeprotected.com
9 image6.pubmatic.com 4 redirects ads.pubmatic.com
9 rtb.openx.net 3 redirects ads.us.e-planning.net
googleads.g.doubleclick.net
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
7 ps.eyeota.net zdorovia.com.ua
a.audrte.com
s.adtelligent.com
7 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 static.adsafeprotected.com googleads.g.doubleclick.net
pixel.adsafeprotected.com
6 adservice.google.com pagead2.googlesyndication.com
6 adservice.google.co.uk pagead2.googlesyndication.com
6 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
6 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
ads.pubmatic.com
6 u-ams02.e-planning.net ads.us.e-planning.net
ads.pubmatic.com
6 s.e-planning.net ads.us.e-planning.net
6 ssum-sec.casalemedia.com 6 redirects
6 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
5 pixel.onaudience.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
5 match.adsrvr.org spl.zeotap.com
ads.pubmatic.com
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 uipglob.semasio.net 2 redirects
4 d.agkn.com 2 redirects googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net ad.doubleclick.net
4 pixel.adsafeprotected.com googleads.g.doubleclick.net
zdorovia.com.ua
4 fw.adsafeprotected.com 2 redirects googleads.g.doubleclick.net
4 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
4 token.rubiconproject.com eus.rubiconproject.com
4 bcp.crwdcntrl.net spl.zeotap.com
tags.crwdcntrl.net
4 dmp.adform.net 3 redirects spl.zeotap.com
4 secure-assets.rubiconproject.com 4 redirects
4 image8.pubmatic.com 4 redirects
4 odr.mookie1.com zdorovia.com.ua
spl.zeotap.com
googleads.g.doubleclick.net
4 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 visitor.fiftyt.com 3 redirects
3 sync.crwdcntrl.net 2 redirects
3 sync.1rx.io 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 js.cookieless-data.com s.e-planning.net
3 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
3 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 aa.agkn.com 1 redirects ads.pubmatic.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 spl.zeotap.com ads.us.e-planning.net
3 i.e-planning.net ads.us.e-planning.net
3 pixel.sitescout.com ads.us.e-planning.net
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 3 redirects
3 creativecdn.com 1 redirects zdorovia.com.ua
cdn.admixer.net
3 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
3 ads.betweendigital.com 3 redirects
3 sync.lemmatechnologies.com 3 redirects
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
cdn.admixer.net
3 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
3 scripts.go2net.com.ua zdorovia.com.ua
cdn.admixer.net
scripts.go2net.com.ua
2 io.narrative.io 1 redirects
2 rtb.gumgum.com ads.pubmatic.com
2 rtb.adentifi.com ads.pubmatic.com
2 aud.pubmatic.com
2 loada.exelator.com 2 redirects
2 gocm.c.appier.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
2 ad.doubleclick.net www.googletagservices.com
2 id.rlcdn.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 px.owneriq.net 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 sync.mathtag.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 www.gstatic.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 sync.spotim.market s.adtelligent.com
2 ad.360yield.com 2 redirects
2 csync.loopme.me 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 trc.taboola.com 1 redirects spl.zeotap.com
2 s.adtelligent.com inv-nets.admixer.net
s.adtelligent.com
2 m.trafmag.com zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
cdn.admixer.net
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 us.ck-ie.com zdorovia.com.ua
2 pool.admedo.com 2 redirects
2 ads.avct.cloud 2 redirects
2 adx.adform.net 1 redirects zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pmp.mxptint.net 1 redirects
1 pixel.quantserve.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 idsync.rlcdn.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 match.bnmla.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 cm.adform.net 1 redirects
1 vid.vidoomy.com s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 cs.yellowblue.io zdorovia.com.ua
1 idsync.admixer.co.kr zdorovia.com.ua
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
612 161

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA
2021-11-15 -
2022-12-05
a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-27 -
2022-06-25
3 months crt.sh
adpartner.pro
R3
2022-06-14 -
2022-09-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
ads.us.e-planning.net
R3
2022-05-04 -
2022-08-02
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-03-11 -
2023-04-12
a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018
2022-04-29 -
2023-05-01
a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-05-28 -
2022-08-26
3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2021-11-12 -
2022-12-14
a year crt.sh
*.mobfox.com
R3
2022-03-31 -
2022-06-29
3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-14 -
2023-06-14
a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-06-01 -
2022-08-30
3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-12-15 -
2023-01-15
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
*.e-planning.net
R3
2022-05-17 -
2022-08-15
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-13 -
2022-10-14
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
widespace.com
Amazon
2022-02-23 -
2023-03-24
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-05-29 -
2022-08-27
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2021-08-06 -
2022-09-05
a year crt.sh
sync.console.adtarget.com.tr
R3
2022-05-27 -
2022-08-25
3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA
2022-05-29 -
2022-08-27
3 months crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh
*.google.co.uk
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
juke.mmi.tns-ua.com
R3
2022-05-16 -
2022-08-14
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-01 -
2023-03-28
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-05-02 -
2023-06-03
a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2021-12-05 -
2022-12-06
a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2
2021-12-30 -
2023-01-31
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2021-10-27 -
2022-11-27
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-01-18 -
2022-07-13
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-11-19 -
2022-12-18
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
adentifi.com
Amazon
2021-09-04 -
2022-10-03
a year crt.sh
*.gumgum.com
Amazon
2022-05-06 -
2023-06-04
a year crt.sh

This page contains 131 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 0E8BCA9AE4F167061CE29966E2F14808
Requests: 125 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: 8AF28670BC488A3E3D6F31EA8379BBB0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 13A35B512686C1D26E93421EF8D99333
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 59642095BC67890E2C3A35DB06CF4320
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: BB657888593F3EB3895525D8A4552D44
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=65172291402423224&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 720D965CFFEF6E095237B476A3EE638F
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 530AE1A37E99514618283679DB7DC576
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 3864BDA843C835D5300DC70C0B347737
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 3AE4A3FA5BD2938DDF0F424613A77252
Requests: 13 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 5E3CFF112371B2B42FC92515F700830E
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: CDAA89ACD8641EA6AB0A4E24B963922D
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Frame ID: D43CD3211276131FB2A4828ECAE85C33
Requests: 21 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: E48E3A2EBC40CFC1BCAAD32BAED9F1AC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: C981181B44C8ED268FD19D02CA7E8D13
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 35012A4DD62C78C6BD9AB8D653059B5B
Requests: 28 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: ADD96EB5E32974AEDE3DAEA69E4FDE9C
Requests: 2 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 043850A27F2006D9CF256517F533B89B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: F6CA9D1F8C1AC32973137DDA6E70BAF5
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 67ED73A88C26415BDDDDECFF48F3AF6D
Requests: 8 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_65172291402423224&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F1fe50076-f152-4d1e-aca4-ac081f359156%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D40607c47b2326bb29212f7580ba25ac8
Frame ID: 87D0CAF916619B2BA6757E05DA932032
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: A20A6BD2B71C3EC21EADAAA4BF3BECCD
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 52AA96EF96A24A1DCF7C6508E1EC0BBF
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 3BE7C91168948B247DD2861BA516CA2D
Requests: 8 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 54B8C7E1510ABD616389EFCABC913191
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 5C46D03ED791615950CF421BD6E03794
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 738927D678F25E1205757CB08B2C06AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: C1DADDC59D59E5663160D79997624542
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8890989073348379753
Frame ID: 9322FAFAC86608FAAC404C2A2B36D9B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 90AA521335D112DFFAEE450820857789
Requests: 13 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5b76564d-22ef-4297-b56f-11b820420fd9
Frame ID: 98C7AED11F3779E1843FA9724CFEF9E6
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 8E8DB9D2E68139BFC7B70D2EE8820896
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 3BB24A96CB9B0B0843EA11DE50ED455B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Frame ID: 2F19D73E3ACE86228FA390493187A957
Requests: 9 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 57BC70CBEA1C57847E5EEBD43F6CEFED
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 943F2EC5A9E5756F5749857CAF9E8879
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 57EA46291BFBE214188D5ED93182C13A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 1719A7DE26B8D2C7E7C4E33A469C1A03
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5771192511099334769
Frame ID: CD6A800C39CCAE2F79F62B4B974FA232
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 22E3C940D1CF8607213795B103349133
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: F5E0AAC173E0F8A227BEF455474C99BC
Requests: 4 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=8890989073348379753
Frame ID: 902870BF38D6D26EBA16F5C74AEFA6B5
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: A9C64805C5FF3771B5AB86C033AAF7F1
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AA7CRTmkhoAqAcvF
Frame ID: 563A1572FBD25DB7BA919460F2174749
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 62AE2542DFFBFD8192694375AB2046FF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 792B33A4BCC9B49D174033C0307EA896
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 9FB61071DBA4011FFDE44CEB82734652
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7FF4D0B6770F140F69C4759C18D2AAC5
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AA7CRTmkhoAqAcvF
Frame ID: 485AC7F709D965A5775FCDCC1F471C72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: F46C03668194F0E8CAC18551011BA0FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Frame ID: A8B41B7868C2DD26D8A1BECA8B070A0F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Frame ID: 6A51712B6AFDE8A3ABD650F7FA065CD7
Requests: 10 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: F8DB8A3288A8D8D7EAAA14A279F79CAE
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 99D84B243E1F23EDC54DAB6350333FE7
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: E1A9BA285345DF6EE7C77A76BDE601F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Frame ID: 3DACB04B049858E6A72CBE914798D2F6
Requests: 17 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd866b1b8-d7fa-484c-9492-34710e4ce109%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI4LCJzaG93X2lkIjoiZDg2NmIxYjgtZDdmYS00ODRjLTk0OTItMzQ3MTBlNGNlMTA5IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D7b799a9cda764d53aabd8acecbbf5261&showId=d866b1b8-d7fa-484c-9492-34710e4ce109&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Frame ID: 0D1D739CC8B47888D41C037D7F7F0A0F
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 61B142335F819238CCBCD215DF42C940
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Frame ID: DC648AF278C524A62AD4C63064CB8392
Requests: 4 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9157C5497DA277B7669B269C2193E64B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 293ECC7952E876E3C55F90FE18EBA537
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: E130883CCAF23C4EF567A0AF9E23CF89
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: EB863505BB46BCE5837E97EE122D99EB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: E929E1A3B48120E6A8F59EF474E2D0B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Frame ID: D0554CBF332F2D28C012EE5B24C0877D
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Frame ID: 2919B88CC89245DC675647BC7B4115A6
Requests: 44 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 8B2E4A850706C03542CE0399DFD309ED
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: C06A4004662E543B3E91DE0EA2494FBD
Requests: 2 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 08559B3EC6F2CDF6ED1FEEAED9C163BA
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AA7CRTmkhoAqAcvF
Frame ID: 3A65772B00E7EFCC91B3C2FE19468BB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820316&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528429067&bpp=8&bdt=82&idt=109&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=5934688548278&frm=8&ife=1&pv=2&ga_vid=1321067920.1655528429&ga_sid=1655528429&ga_hid=261691692&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1373777333&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2788399133417738&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.pjcuxn1nk4ma&fsb=1&dtd=123
Frame ID: A0E03921AE73D5C43A7FF2150593D9B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B75E667C57CE6871F19B68776413B25A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40E94A46CC43FD4201BBCA057FA2D734
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E27B01F666D8FF12FE71C745EBA1C430
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD0CC1EB552970D2B923920CE137402C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D404DB6DCF34DF2CC40D2A969272C72F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 970B49D3191727DBFD9D55EB274CADF3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 992B9A22590E0EAB6246A8CFE8B55358
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd71ffa45-195b-44a8-8427-c26a54bc3720%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI5LCJzaG93X2lkIjoiZDcxZmZhNDUtMTk1Yi00NGE4LTg0MjctYzI2YTU0YmMzNzIwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc71fc3a8a2a98ab540d39a3e148fb64d&showId=d71ffa45-195b-44a8-8427-c26a54bc3720&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Frame ID: F82E94F103CE5E20141C3A3574301B47
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: A72CAB89BE4B3898B88F9E19A776B27E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 6FD1CF6D1631F8D9A3057074A0549E42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Frame ID: A599133CA3199B20491F103DB313F7C0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 2C108DBC1C074F0B7BD1AB42EA82F1B0
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Frame ID: 709DBD994D5CAABBE86AC53E7CB511CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yq1b7AAJwvaGzAAo&gdpr=0&gdpr_consent=
Frame ID: 430AFB248ABFDC8B37004C5454BE5079
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: D6EEDFFE6CB92BCB24B389DDD231BA05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3cb862ad-5bed-4300-ac8a-1fd20d146b14&gdpr=0&gdpr_consent=
Frame ID: 16FC4076D3914BCC716FD334F783ABA2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 749886EDE22AB4D5DEF446B052A62F92
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 879A228B648CFB1215AD4A3F5BC93070
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 40862C46564F027F75612482F683CD8A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=675823621855
Frame ID: 2FEFEC67306C33D01E94E537B01B1F26
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5tBk1kwx1O2qzr5&gdpr=0&gdpr_consent=
Frame ID: 31E25D9222B2AB9C899C509773794D74
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 339A94645D19E3BB6A2683FCDD4817DE
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 2C443FA1C2D880B694BBB0E545D7E562
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 434B0E1C02DFFC4DF64C7B42C46B04C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7ed9a0fd-ebef-4282-878f-df286dbac497
Frame ID: C9CB56B37CF1A7E2A0B413EF9609D958
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 510D5D4B7CE1953D189B114DDB4BA020
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d078bdd9-7494-4da0-9680-582879060e7f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Frame ID: FF17532430E47C7285741E1B058347FE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2b02da0c-ac3e-4ea5-bf32-70f8c641a659-tuct9a6e16d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 640A29F1976671EFE583FDB1664EB4E6
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7e8db8008544cb3a&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Frame ID: C464DF5AABA0EB9D562589B7F9B49B6F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CA36076014D47131461BB1280AA8A1FB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Frame ID: EA738E06A13B7F21701A0F37CEC24E7A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 00DF7639D9E77EE4942C571038E695CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A73CA84EF305CE8F0C9220058FF580D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16EC0539496421E1A29B3AC7E819DDF6
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5305AA8159678D87B8C83BFCE3163BAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 80DFB20AE0BED592A3BBC43DED5B5130
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C80057EBE2013C77A76482E525C04E2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823869&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528429606&bpp=12&bdt=206&idt=406&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=4774550765480&frm=8&ife=1&pv=2&ga_vid=1561587913.1655528430&ga_sid=1655528430&ga_hid=1812444650&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3853590412&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31067769%2C42531605%2C42531608%2C31065825&oid=2&pvsid=2096387545079407&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ax1dj21qbied&fsb=1&dtd=420
Frame ID: 4F0340AF55915FD8E8465E53C9EC9D96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE78FDA2162071EE8D5FDACD567CDA84
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Frame ID: 399F241AC217DDAA09ACB1B871D84FBF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7E6E1767BECDB0C8D117B83BA0A6948C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD78218C99FDD9FA4953BB3BFE7286DD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5D5C0B2B1D75D7F78A52D490BBE0116
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9741A441D19BD7BED65819C8D384EA9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B782157B79EADCC4372E88BCF09490B1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27014FC3E41C6B89063F6DA376FD3EBF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 96B69CA61FD86F29DB41D77A7B689CA4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DEF6D64BEFD368194270016A33E3A359
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 13731BBA695E8232CD3C2D2B8E1F3F4C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 38FF74BCE8F03E1E179CDC0EAB3957B0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6119977725
Frame ID: FE72425353104E749683C4B6B46CB3D5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Frame ID: 5A1703B227BEFA325552ACEED9469FCD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HNu6hRnjQmdk4kVZmd_WhNmKxGM
Frame ID: 4A6E11357B07C09E470602B218E80750
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=juG9l1HWCzWFEn8V8FutYg
Frame ID: AD917B3690643ED87CCF23B32F758820
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7ed9cdc1beb8ef27&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Frame ID: 0B297F2AD4C8F5A3DE411E90BE1A6255
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5017687871
Frame ID: AAD6C1B5390A12BB6BD3FF6588421239
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Frame ID: 981C889AAE59E6809F7040B1B4749EA3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6Q-IBnnbSjdR9V9okZdWmdmKxGM
Frame ID: EAE602AF78773CF1A53DE6A776A0FA52
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=FnaQv_xFBbex3tZn8FutYg
Frame ID: 6EBE581FDF366AE680D40F5416060852
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Frame ID: 4D6D22F8FA76D61AE9A404B1F61EF0BE
Requests: 1 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7ed9cdc1beb8ef27&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Frame ID: 5A376A6BF7CBFE7891AC03EF6BBF285F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

612
Requests

74 %
HTTPS

22 %
IPv6

109
Domains

161
Subdomains

105
IPs

17
Countries

4932 kB
Transfer

10493 kB
Size

155
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.3331838784525203 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.5778275594335149 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.5778275594335149 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.5778275594335149
Request Chain 67
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n5503&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 70
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=688787862&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=643061180&utmr=-&utmp=%2F&utmht=1655528427335&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1386756890.1655528427.1655528427.1655528427.1%3B%2B__utmz%3D148597372.1655528427.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1147962215&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=688787862&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=643061180&utmr=-&utmp=%2F&utmht=1655528427335&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1386756890.1655528427.1655528427.1655528427.1%3B%2B__utmz%3D148597372.1655528427.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1147962215&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862&slf_rd=1&random=732122035
Request Chain 84
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F
Request Chain 91
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB
Request Chain 93
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5992057-d116-475f-a56f-fd26a216474a&ssp=admixer&gdpr=&gdpr_consent=
Request Chain 95
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z56B3E6DAE674F78A0A0FC380DB57CEB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
Request Chain 96
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Deaef3e8ad51b439f8299d617ffecd440 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=aed88965-cc67-40f3-bbcc-51bbcc9b8863&ssp=lemma HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=338f4f5f-a8e6-4695-9669-71dd34e1ec0a&user_group=1&ssp=lemma&bsw_param=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=eaef3e8ad51b439f8299d617ffecd4409238933f-eec3-11ec-8728-801844df0ab8
Request Chain 97
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=0205e699-1718-52a9-b1ab-9cc6d306c72d
Request Chain 99
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Deaef3e8ad51b439f8299d617ffecd440 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Deaef3e8ad51b439f8299d617ffecd440&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIyM0FBOUEtMzhERC00RDZELUEzMzMtNTM5RkRGREZDRjEz&gdpr=0&gdpr_consent=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIyM0FBOUEtMzhERC00RDZELUEzMzMtNTM5RkRGREZDRjEz&gdpr=0&gdpr_consent=0&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11576&id=eaef3e8ad51b439f8299d617ffecd440
Request Chain 102
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 103
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=eaef3e8ad51b439f8299d617ffecd440 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=eaef3e8ad51b439f8299d617ffecd440
Request Chain 104
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-pe4GGxtE2uFkH1Dc_aw1D7i0c8QVOW7DrpXxsQg-~A
Request Chain 107
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3DEB23AA9A-38DD-4D6D-A333-539FDFDFCF13 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Request Chain 110
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d9e06798-a675-44d2-8df8-20d92f975ccd
Request Chain 115
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7e8db8008544cb3a%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D7e8db8008544cb3a%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7e8db8008544cb3a&uid=8890989073348379753
Request Chain 116
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 121
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 137
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0302529d-d3d6-4f39-bd6a-07115ec66a7f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 142
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 143
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9fd7238f-dd73-4f9f-8b51-d3bd1ebcbf0d&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 144
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=22777325864304179063780404123747324637&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 146
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7110440455866742923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 148
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361&bounce=1&random=2782782501 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=FV/LUlcd4353Jry0cyyVmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 149
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 151
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-vrg2eMhE2oq0T3ABSXIzW8ttLIsVrY21sw--~A&zpartnerid=570&env=mWeb
Request Chain 152
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=dXClg%2FprakoNNLtH6cn3hG7NKJhQ%2Fl7%2B%2BS41iYitP1U%3D
Request Chain 156
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361&_test=Yq1b7AAJwvaGzAAo HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yq1b7AAJwvaGzAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&_test=Yq1b7AAJwvaGzAAo
Request Chain 158
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 159
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&dcc=t
Request Chain 161
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Request Chain 166
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8890989073348379753
Request Chain 168
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5b76564d-22ef-4297-b56f-11b820420fd9
Request Chain 170
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Request Chain 171
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
Request Chain 172
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8890989073348379753
Request Chain 173
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=5a7d1f8a-84ff-44ec-8e7b-1ad356ea374f
Request Chain 176
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=eaef3e8ad51b439f8299d617ffecd440
Request Chain 183
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Request Chain 185
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 194
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3D7a0daae8-7d41-4a79-678f-99aadd767b0a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=7a0daae8-7d41-4a79-678f-99aadd767b0a&zdid=1361
Request Chain 196
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5771192511099334769
Request Chain 197
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=f46b4e9de06a6769
Request Chain 200
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 201
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=8890989073348379753
Request Chain 202
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yq1b7CMSAqsT5-pQYqA69QAA%26301
Request Chain 203
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Request Chain 229
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 232
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=0205e699-1718-52a9-b1ab-9cc6d306c72d&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&consent=&gdpr_pd=
Request Chain 251
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Request Chain 253
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 276
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Da3b68edf-ad91-475d-4ef5-f223083ddf49%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=a3b68edf-ad91-475d-4ef5-f223083ddf49&zdid=1361
Request Chain 316
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 326
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 327
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5771192511099334769 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Request Chain 367
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yq1b7AAJwvaGzAAo&gdpr=0&gdpr_consent=
Request Chain 368
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKalFrN0ZXcmdBQUJTMl9CbDZ5Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 369
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3cb862ad-5bed-4300-ac8a-1fd20d146b14&gdpr=0&gdpr_consent=
Request Chain 373
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=675823621855
Request Chain 374
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5tBk1kwx1O2qzr5&gdpr=0&gdpr_consent=
Request Chain 375
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 376
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 378
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7ed9a0fd-ebef-4282-878f-df286dbac497
Request Chain 379
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 380
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d078bdd9-7494-4da0-9680-582879060e7f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Request Chain 381
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2b02da0c-ac3e-4ea5-bf32-70f8c641a659-tuct9a6e16d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 385
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cad062ad-5bed-4600-9a34-dc28e18bdc19
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOCsErcc7ilZrLKa6HT4bIM&google_cver=1
Request Chain 388
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3699384941058415959&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 391
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AwBQ68ZE2uXZ8Aj8FgZeFmgU2okltEQ-~A&gdpr=0&gdpr_consent=
Request Chain 392
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9352bfff-eec3-11ec-8c0d-337669439089&gdpr=0&gdpr_consent=
Request Chain 393
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8890989073348379753&gdpr=0&gdpr_consent=
Request Chain 396
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ff903a9a-97d4-4f9e-b0cc-669591a9b4e2&expires=1&user_group=5&ssp=pubmatic&bsw_param=c5992057-d116-475f-a56f-fd26a216474a HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 397
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP
Request Chain 398
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F1A5DCA6_C629DF7&r=https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 399
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5771192511099334769
Request Chain 400
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8890989073348379753
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 416
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5771192511099334769 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Request Chain 419
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
Request Chain 420
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1b7CMSAqsT5-pQYqA69QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENGhJVTMhIXo89p22y3R1J8&google_cver=1
Request Chain 422
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg5MDk4OTA3MzM0ODM3OTc1Mw%3D%3D
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECNWFSoTcTOcpzxzTTqyJW0&google_cver=1
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFNFjYUZYVwSshKJDJ8_GzQ&google_cver=1
Request Chain 440
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCpK-PeLWwYOhPrDLCk7HDHcz_bEf6qwWj6RozmisXWLpQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCpK-PeLWwYOhPrDLCk7HDHcz_bEf6qwWj6RozmisXWLpQQ&google_hm=cWB3GezbldNgejps3toxHw
Request Chain 441
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GC9wZBHQ9f5DjHrLosddUkb6CivAlRYMMlaspgoRarUUKWmJal-mRwSp4F9tq2ocUlpfV_6IA9jZ3JiSdItAcDHwrVCJ5-NNQ&google_gid=CAESEEC7a-WO7SzFdDt440aUdks&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO23tZUGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUm5wOEdDOXdaQkhROWY1RGpIckxvc2RkVWtiNkNpdkFsUllNTWxhc3Bnb1JhclVVS1dtSmFsLW1Sd1NwNEY5dHEyb2NVbHBmVl82SUE5alozSmlTZEl0QWNESHdyVkNKNS1OTlE HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwakNNb1oxRlV0RUkyaE53dEhMUmh5LTYxQWRNaTFzdkVJSVFnZkcweEVVQQ==&google_push
Request Chain 444
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo5AGqLhOkHtJk44skaejU&google_cver=1&google_push=ARnp8GDdHIABHzEqFvXgg33_k-310kt616xzHbmi_Ao4PATjpLPdwTtd-IGG86s6z0vIAGzfaUgpgb5jInJl2eWj55tCy1EJkG_Faw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDdHIABHzEqFvXgg33_k-310kt616xzHbmi_Ao4PATjpLPdwTtd-IGG86s6z0vIAGzfaUgpgb5jInJl2eWj55tCy1EJkG_Faw
Request Chain 445
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8Gd8qslxJcvDVy7PK9uLXvNHqTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZSVlktNy1NNE5P&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8Gd8qslxJcvDVy7PK9uLXvNHqTc
Request Chain 446
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GCVOWbgx3e1qUdPJBPPhWIwWmWvIXnGDwBf04XmYWoE5ZkQSZQ6nhG6Uzfs3fjdRceE0z2a5YHrNyQbIWCdTAJIcKmbixFk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_push=ARnp8GCVOWbgx3e1qUdPJBPPhWIwWmWvIXnGDwBf04XmYWoE5ZkQSZQ6nhG6Uzfs3fjdRceE0z2a5YHrNyQbIWCdTAJIcKmbixFk&google_cver=1&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Request Chain 448
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145646/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417943%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1655528428%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428772%26bpp%3D2%26bdt%3D695%26idt%3D167%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1122636691%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44763827%252C31065741%252C31068031%26oid%3D2%26pvsid%3D3733430330646665%26tmod%3D1053751258%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.bndv2ojkvd0y%26fsb%3D1%26dtd%3D173&adsafe_type=d&adsafe_jsinfo=,id:165b283a-4bfa-1471-43d9-ee2ecaae944e,c:fRxX01,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-t985h,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:931a243b-eec3-11ec-bc69-520ed5c1185b,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 461
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145720/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417948%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1655528428%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428852%26bpp%3D2%26bdt%3D717%26idt%3D105%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1697581068%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D933%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067769%252C42531605%26oid%3D2%26pvsid%3D2243736371601816%26tmod%3D1326392155%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.yibyr0cbvb9r%26fsb%3D1%26dtd%3D122&adsafe_type=d&adsafe_jsinfo=,id:d48ddb93-4e33-5167-1b65-b6445bf05481,c:fRxX4G,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-qshkx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t95azQk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:30,oid:931a249a-eec3-11ec-b2bd-86a0353e4bdb,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 487
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5771192511099334769 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Request Chain 515
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MXJH6l2emtFGRZacEwNYRaZdLOB35dNQ4v9DxNGyV5J5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MXJH6l2emtFGRZacEwNYRaZdLOB35dNQ4v9DxNGyV5J5&google_hm=cWB3GezbldNgejps3toxHw
Request Chain 516
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEOXg93rnPAvk6pqR-WvI-gc&google_cver=1&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Request Chain 517
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0FqYfw9p9KpxVBxXxvd04KGGmZuZCc&google_gid=CAESEHU1nRGO0pdMcQk85CaVbw4&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0FqYfw9p9KpxVBxXxvd04KGGmZuZCc&google_gid=CAESEHU1nRGO0pdMcQk85CaVbw4&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTgwNTAwMzEwMDA5NjU4NDM3MDU1Ng%3D%3D&google_push=ARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0FqYfw9p9KpxVBxXxvd04KGGmZuZCc
Request Chain 519
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo5AGqLhOkHtJk44skaejU&google_cver=1&google_push=ARnp8GAS_juC422JgAcPRxtDhYhAnonIKzW7XzqABeZbo40JjwOZ9DAz3Bnzl9m1mJX8VAeJYLqhlWlgZY_yku9Q7qrzyrrTCP46 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAS_juC422JgAcPRxtDhYhAnonIKzW7XzqABeZbo40JjwOZ9DAz3Bnzl9m1mJX8VAeJYLqhlWlgZY_yku9Q7qrzyrrTCP46
Request Chain 520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXlwbp34tr0GRZc6SolhRGoJaL4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTUlktMUQtNUlQMQ==&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXlwbp34tr0GRZc6SolhRGoJaL4w
Request Chain 521
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GANKg1RQ1ut36ZJviI9yWHo0Jq9IjUcXT1Nlug6fluwUndhvVyn2A7OTtZlZFmdRc4EklbpxhEPlSpYVWuc9FLyZ5ZDuiGt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_cver=1&google_push=ARnp8GANKg1RQ1ut36ZJviI9yWHo0Jq9IjUcXT1Nlug6fluwUndhvVyn2A7OTtZlZFmdRc4EklbpxhEPlSpYVWuc9FLyZ5ZDuiGt&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Request Chain 529
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNjI4iAfimAO9C3HVpG1H2ioVdnpkTt3RAjZ7pGipdj4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNjI4iAfimAO9C3HVpG1H2ioVdnpkTt3RAjZ7pGipdj4&google_hm=cWB3GezbldNgejps3toxHw
Request Chain 530
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEOXg93rnPAvk6pqR-WvI-gc&google_cver=1&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Request Chain 533
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo5AGqLhOkHtJk44skaejU&google_cver=1&google_push=ARnp8GDbWY7OGWG6dm0BhZRHJnCiSUdZsCUTJ8W89cYxQwjFQ85vRigpMshVfH_0Kuxn-oyexNd3s1cEh089N6hVZ7pngpu8srUs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDbWY7OGWG6dm0BhZRHJnCiSUdZsCUTJ8W89cYxQwjFQ85vRigpMshVfH_0Kuxn-oyexNd3s1cEh089N6hVZ7pngpu8srUs
Request Chain 534
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD2QpG69n2xxi2xFX0xn3v830PG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTVU8tUi1SNFc=&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD2QpG69n2xxi2xFX0xn3v830PG
Request Chain 535
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GBArOiq3JqF-Rbb7Y_lUwcfRJURsYjCqy-tS9knpA56l1wqHF4ELnWUYmtI0K6O9gDmN6tbfdS08WEMLVHSHpAijdHyvc9N HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GBArOiq3JqF-Rbb7Y_lUwcfRJURsYjCqy-tS9knpA56l1wqHF4ELnWUYmtI0K6O9gDmN6tbfdS08WEMLVHSHpAijdHyvc9N
Request Chain 569
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1655528431675 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6119977725
Request Chain 570
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Request Chain 571
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HNu6hRnjQmdk4kVZmd_WhNmKxGM
Request Chain 572
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=juG9l1HWCzWFEn8V8FutYg
Request Chain 574
  • https://pixel.onaudience.com/?partner=214&mapped=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=13017b97dca19c34bbdb9ba112041a9f&gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=26cb9f1e1fee4f6d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=26cb9f1e1fee4f6d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d2f410214eaec4f6
Request Chain 575
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
Request Chain 576
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 580
  • https://pixel.onaudience.com/?partner=214&mapped=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 581
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr= HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
Request Chain 582
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 584
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5017687871
Request Chain 585
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Request Chain 586
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6Q-IBnnbSjdR9V9okZdWmdmKxGM
Request Chain 588
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=FnaQv_xFBbex3tZn8FutYg
Request Chain 606
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=94c5b0e0-eec3-11ec-a9a5-06119d0d8b4f&companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13

612 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zdorovia.com.ua/
89 KB
23 KB
Document
General
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
eacc5c1f227757577961e63cdce9fe3068f7e5562e0c8c2c58f37350e04fb251

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Sat, 18 Jun 2022 05:00:26 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
38 KB
39 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Mon, 18 Jul 2022 05:00:26 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/
27 KB
27 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Mon, 18 Jul 2022 05:00:26 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
267 KB
267 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Mon, 18 Jul 2022 05:00:26 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/
12 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Mon, 18 Jul 2022 05:00:26 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/
64 KB
64 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Mon, 18 Jul 2022 05:00:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/
84 KB
85 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 13:11:08 GMT
X-Content-Type-Options
nosniff
Age
56958
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
85925
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="hosted-libraries-pushers"
Expires
Sat, 17 Jun 2023 13:11:08 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/
4 KB
5 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Mon, 18 Jul 2022 05:00:26 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/
16 KB
16 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Mon, 18 Jul 2022 05:00:26 GMT
media.js
zdorovia.com.ua/templates/default3/js/
0
0
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/
13 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Mon, 18 Jul 2022 05:00:26 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/
7 KB
8 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Mon, 18 Jul 2022 05:00:26 GMT
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-15T15:31:05+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Wed, 18 May 2022 15:36:34 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-18T04:56:56+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/
2 KB
2 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Mon, 18 Jul 2022 05:00:27 GMT
skrytayaag1.jpg
zdorovia.com.ua/uploads/dsn/41/0c/001/
14 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/41/0c/001/skrytayaag1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
164af201f5fbd33692ad8492c4b6fbb086826e7abdecbf9709ff144060540fdd

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 15 Jun 2022 20:40:53 GMT
Server
nginx/1.12.1
ETag
"62aa43d5-3987"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14727
Expires
Mon, 18 Jul 2022 05:00:27 GMT
3ed1dffcadf474f1478e48001a20f4343ca103cd1.jpg
zdorovia.com.ua/uploads/dsn/11/52/002/
17 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/11/52/002/3ed1dffcadf474f1478e48001a20f4343ca103cd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b5c099e51f583677c365ac6124f224849c308ec1d0060dde244446cb7a5dcd74

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Jun 2022 08:56:58 GMT
Server
nginx/1.12.1
ETag
"62a84d5a-450e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17678
Expires
Mon, 18 Jul 2022 05:00:27 GMT
shutterstock_632544941-18463-288041.jpg
zdorovia.com.ua/uploads/dsn/91/08/002/
22 KB
22 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/91/08/002/shutterstock_632544941-18463-288041.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8f0d370040854764327b438aaa978105ba66f1d22a2d16f8abf56fda88cbc10f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Mon, 13 Jun 2022 20:41:56 GMT
Server
nginx/1.12.1
ETag
"62a7a114-5875"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22645
Expires
Mon, 18 Jul 2022 05:00:27 GMT
ai-248889-aux-head-20170505_mysli_new_t1.jpg
zdorovia.com.ua/uploads/dsn/f9/f9/002/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f9/f9/002/ai-248889-aux-head-20170505_mysli_new_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
bd43e9afffa375b83820ee779c0f2a917b6e65ddf822ae21c6b0cfe9e9a5c3d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 12 Jun 2022 20:17:18 GMT
Server
nginx/1.12.1
ETag
"62a649ce-4ec1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20161
Expires
Mon, 18 Jul 2022 05:00:27 GMT
aux-head-1532008741-20180719_les_jagody_t1.jpg
zdorovia.com.ua/uploads/dsn/1b/70/001/
32 KB
32 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/1b/70/001/aux-head-1532008741-20180719_les_jagody_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
126f811e0afe1b7f004f3edbea475094a2c22939e1ecfcdd0a7e86feabd4da27

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Fri, 10 Jun 2022 20:12:15 GMT
Server
nginx/1.12.1
ETag
"62a3a59f-7e94"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32404
Expires
Mon, 18 Jul 2022 05:00:27 GMT
d068605-depositphotos-110762450-l-20151.jpg
zdorovia.com.ua/uploads/dsn/f8/8c/001/
26 KB
27 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f8/8c/001/d068605-depositphotos-110762450-l-20151.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ed14c8f2a126d78e1423face18245b9d7070e6efefef46c870ed4c70658d11cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 09 Jun 2022 08:55:24 GMT
Server
nginx/1.12.1
ETag
"62a1b57c-69b5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27061
Expires
Mon, 18 Jul 2022 05:00:27 GMT
vzhati.jpeg
zdorovia.com.ua/uploads/dsn/51/a6/001/
18 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/51/a6/001/vzhati.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99e1f7f30256ab164bcd52ba6331097ae879d262b8aa2b664f507ef6c0db7671

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Jun 2022 09:15:16 GMT
Server
nginx/1.12.1
ETag
"62a068a4-495f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18783
Expires
Mon, 18 Jul 2022 05:00:27 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/
12 KB
13 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Mon, 18 Jul 2022 05:00:27 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/
29 KB
29 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Mon, 18 Jul 2022 05:00:27 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/
30 KB
30 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Mon, 18 Jul 2022 05:00:27 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/
24 KB
24 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Mon, 18 Jul 2022 05:00:27 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/
13 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Mon, 18 Jul 2022 05:00:27 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/
22 KB
22 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Mon, 18 Jul 2022 05:00:27 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Mon, 18 Jul 2022 05:00:27 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/
18 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Mon, 18 Jul 2022 05:00:27 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/
16 KB
16 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Mon, 18 Jul 2022 05:00:27 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/
33 KB
34 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Mon, 18 Jul 2022 05:00:27 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/
15 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Mon, 18 Jul 2022 05:00:27 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/
12 KB
12 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Mon, 18 Jul 2022 05:00:27 GMT
0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
zdorovia.com.ua/uploads/dsn/c2/6d/002/
32 KB
33 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/6d/002/0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 06 Jan 2022 20:09:55 GMT
Server
nginx/1.12.1
ETag
"61d74c93-814b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33099
Expires
Mon, 18 Jul 2022 05:00:27 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Mon, 18 Jul 2022 05:00:27 GMT
kurkuma1.jpg
zdorovia.com.ua/uploads/dsn/b6/ce/003/
32 KB
32 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/b6/ce/003/kurkuma1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
83924e1048daf674ec6d237889a0afa30392cd58147e9dbbcf672ba58840293d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Fri, 03 Jun 2022 08:16:19 GMT
Server
nginx/1.12.1
ETag
"6299c353-7f5a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32602
Expires
Mon, 18 Jul 2022 05:00:27 GMT
zhl.jpg
zdorovia.com.ua/uploads/dsn/ce/f1/002/
19 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/ce/f1/002/zhl.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d1393a1a39514819587ea7f328eaa5227e14d01f362dd5db1adfc30aeaba18a2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 01 Jun 2022 13:16:49 GMT
Server
nginx/1.12.1
ETag
"629766c1-4b95"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19349
Expires
Mon, 18 Jul 2022 05:00:27 GMT
ai-217504-aux-head-20160809_produkty-t1.jpg
zdorovia.com.ua/uploads/dsn/ad/9e/001/
28 KB
29 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/ad/9e/001/ai-217504-aux-head-20160809_produkty-t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 12 Jun 2022 19:56:43 GMT
Server
nginx/1.12.1
ETag
"62a644fb-70ca"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28874
Expires
Mon, 18 Jul 2022 05:00:27 GMT
limoooo.jpeg
zdorovia.com.ua/uploads/dsn/39/18/001/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/39/18/001/limoooo.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ad90c72c916983c74bff0e9d17a9bd5f1511156dd0b14fdebd495ac008b29765

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sat, 04 Jun 2022 18:49:50 GMT
Server
nginx/1.12.1
ETag
"629ba94e-388d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14477
Expires
Mon, 18 Jul 2022 05:00:27 GMT
iiii.jpg
zdorovia.com.ua/uploads/dsn/2f/3e/002/
44 KB
45 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/2f/3e/002/iiii.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f2215033dfa8c17e7ca34c814dfbb6795f646fb6062e6ccc701c96e8ab74e9fa

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Jun 2022 13:41:32 GMT
Server
nginx/1.12.1
ETag
"62a8900c-b121"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45345
Expires
Mon, 18 Jul 2022 05:00:27 GMT
dda3ed8df0a793c7cce411be8707881933d7758b1.jpg
zdorovia.com.ua/uploads/dsn/99/b6/001/
63 KB
63 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/99/b6/001/dda3ed8df0a793c7cce411be8707881933d7758b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
80286e0801df9518d1d1d1181974c1e7b0dd6e73c6f39db55967e215d41a2d91

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 16 Jun 2022 08:13:41 GMT
Server
nginx/1.12.1
ETag
"62aae635-fb8c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64396
Expires
Mon, 18 Jul 2022 05:00:27 GMT
68307ceecea4bf906347dc57a2bd5434e27ec7bb1.jpeg
zdorovia.com.ua/uploads/dsn/77/d0/001/
30 KB
30 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/77/d0/001/68307ceecea4bf906347dc57a2bd5434e27ec7bb1.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
71fc8608a89562a2d3f01432fe9119be5591770b3009203536c1411186197e62

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 16 Jun 2022 08:06:59 GMT
Server
nginx/1.12.1
ETag
"62aae4a3-78a3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30883
Expires
Mon, 18 Jul 2022 05:00:27 GMT
eab55a908f6dc505a850e68ef08beda5a804c0901.jpg
zdorovia.com.ua/uploads/dsn/28/6f/002/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/28/6f/002/eab55a908f6dc505a850e68ef08beda5a804c0901.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
efe2d0874a4d2d1e8bd38eb0fded111968ce47bea2e0a649e9190eb1a054990c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Thu, 16 Jun 2022 08:00:17 GMT
Server
nginx/1.12.1
ETag
"62aae311-6811"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26641
Expires
Mon, 18 Jul 2022 05:00:27 GMT
shutterstock_1008313948.jpg
zdorovia.com.ua/uploads/dsn/37/15/001/
33 KB
33 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/37/15/001/shutterstock_1008313948.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8c046437526bcf825118fdf7807de310d676badb0d699e9f5c5f75ba74567577

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Jun 2022 05:52:14 GMT
Server
nginx/1.12.1
ETag
"62a0390e-83a4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33700
Expires
Mon, 18 Jul 2022 05:00:27 GMT
zhiiir.jpg
zdorovia.com.ua/uploads/dsn/73/26/004/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/73/26/004/zhiiir.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
14826ac7e71aa382242c9411704b011152300bf40e1627595076a2480280b8af

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Jun 2022 06:05:55 GMT
Server
nginx/1.12.1
ETag
"62a03c43-3840"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14400
Expires
Mon, 18 Jul 2022 05:00:27 GMT
kmk.jpg
zdorovia.com.ua/uploads/dsn/30/bd/001/
19 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/30/bd/001/kmk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f99cb79fd6ac0ce3561d51bafa271b8c7e5751d541c3d50a432b400c85c6a499

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Jun 2022 05:56:21 GMT
Server
nginx/1.12.1
ETag
"62a03a05-4c7e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19582
Expires
Mon, 18 Jul 2022 05:00:27 GMT
uzhlst.jpg
zdorovia.com.ua/uploads/dsn/a8/ad/001/
28 KB
28 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/a8/ad/001/uzhlst.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4808ac5d99ea06411190f330780a3f8d8bf96b3e433137fa64bbc4307b6788e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Wed, 08 Jun 2022 06:01:22 GMT
Server
nginx/1.12.1
ETag
"62a03b32-70ad"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28845
Expires
Mon, 18 Jul 2022 05:00:27 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Mon, 18 Jul 2022 05:00:26 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:26 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Mon, 18 Jul 2022 05:00:26 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/
30 KB
31 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Mon, 18 Jul 2022 05:00:27 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Mon, 18 Jul 2022 05:00:27 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Mon, 18 Jul 2022 05:00:27 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/
13 KB
14 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Mon, 18 Jul 2022 05:00:27 GMT
3_1_3.png
i.i.ua/r/
2 KB
3 KB
Image
General
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
41358
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
71d1761d2bdf3622-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Tue, 13 Jun 2023 02:40:39 GMT
logo
counter.yadro.ru/
672 B
896 B
Image
General
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Sat, 17 Jun 2023 21:00:00 GMT
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f8e518cd706f3f6c743f964efa6f5cf3a4f2ea5b589694dec8ed2295b4f2bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 18 Jun 2022 05:00:27 GMT
vast.js
cdn.admixer.net/scripts3/r/
0
0

branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
  • https://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4665
date
Sat, 18 Jun 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sat, 18 Jun 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.5778275594335149
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 17 Jun 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.5778275594335149
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 17 Jun 2021 21:00:00 GMT
s
r.i.ua/
43 B
852 B
Image
General
Full URL
http://r.i.ua/s?u152465&p0&n0.37152297502923926&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:27 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
71d1761d181a35e3-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/
89 KB
89 KB
Image
General
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:27 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Mon, 18 Jul 2022 05:00:27 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Mon, 18 Jul 2022 05:00:27 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/
251 B
583 B
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Mon, 18 Jul 2022 05:00:27 GMT
link-arrow.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Mon, 18 Jul 2022 05:00:27 GMT
page.php
www.facebook.com/plugins/ Frame 8AF2
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b92c0caaaf082b47a978444807a3f8214377afd2d65ea9ad40e118295392bf68
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sat, 18 Jun 2022 05:00:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
PcHbbcQTCBfHnSX1ou3oU0Stfwqn6kYA6o4962me1PkdQiSqnGX4t+XqtXaYtwgUQAj3rJwhwVkpgKnBItJuQA==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n5503&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB
Image
General
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Tue, 21 Jun 2022 05:00:27 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
www-widgetapi.js
www.youtube.com/s/player/f05de49d/www-widgetapi.vflset/
157 KB
51 KB
Script
General
Full URL
https://www.youtube.com/s/player/f05de49d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3322e4697d424c705cfe921a4086dbb13982e9265276ced4e8a002ba6da78bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 02:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
10283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52281
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 00:19:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 18 Jun 2023 02:09:04 GMT
uW5A-9M9qu_.css
static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/ Frame 8AF2
18 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/l/0,cross/uW5A-9M9qu_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wNfQQXzjcvSHi20fs+m+0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4761
x-fb-rlafr
0
x-fb-debug
aVlNH56q6ih15HxKIdIoBxTW9m/TgCOxW2pOl6dl7syRLDvKrTkf0tohR6eeWInFOizM0OddTmtpymU+je740w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 17 Jun 2023 14:51:40 GMT
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=688787862&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=688787862&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862&slf_rd=1&random=732122035
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862&slf_rd=1&random=732122035
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1386756890.1655528427&jid=1147962215&_v=5.7.2&z=688787862&slf_rd=1&random=732122035
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 13A3
738 B
510 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:27 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc32
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-31T09:05:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 09:05:56 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/
75 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 5964
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:27 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc32
branding.min.js
a4p.adpartner.pro/apstc/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame BB65
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sat, 18 Jun 2022 05:00:27 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 720D
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=65172291402423224&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.3331838784525203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
b80373045e99f69b1ad509576cd1d5ba53237508826acddde57e6e4e05411405

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:27 GMT
server
nginx
analytics.js
www.google-analytics.com/ Frame 720D
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=65172291402423224&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
680
date
Sat, 18 Jun 2022 04:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 06:49:07 GMT
branding
a4p.adpartner.pro/ Frame 720D
1 KB
888 B
XHR
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=65172291402423224&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
40d130e5e3ac56a96f4a30983edc991604d52492088e772164395588ac4cd4cf

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=65172291402423224&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=1&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
dsp.aspx
ads.go2net.com.ua/
8 KB
3 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4183020136689519&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22571747b6-cbe1-b5a9-abb3-106ec997a953%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220a186ad0-b44f-e0ef-3e15-c70062ccb9d1%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22b7c3a7d6-6314-876c-b39d-acce46cf912c%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
fc8a22b220de93a325e6f4baec8d597162c70dac008cb2aba8453c7857075ce3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2771
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/
8 KB
3 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8840755246706040&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22677b58e1-3823-d51c-7b17-c0488f4c5f98%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2284bd90e1-70ad-cef6-c789-ec67bbca8419%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2294006fd0-b7be-3730-c100-79c58d70e7f7%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2246818c15-4cbe-db0e-d2a6-adb13427a754%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
a1ce86b84eb7fea4333f16d9d5e38f1f3c51e9b290e91e026237dcbdaf6d4eff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2358
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 530A
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:27 GMT
expires
0
pragma
no-cache
server
nginx
/
adx.adform.net/adx/
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F
3 KB
2 KB
Script
General
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
32aefdfce89c4a4696f3e8619b5e8943eaea71f5532723df2d84a67e1eaed8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTMyMzA0Mw&callback=globalAml.oid_423809&url=http%3A%2F%2Fzdorovia.com.ua%2F
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-31T09:05:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 09:05:59 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/
215 KB
74 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
/
onetag-sys.com/usync/ Frame 3864
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4183020136689519&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22571747b6-cbe1-b5a9-abb3-106ec997a953%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220a186ad0-b44f-e0ef-3e15-c70062ccb9d1%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22b7c3a7d6-6314-876c-b39d-acce46cf912c%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 3AE4
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4183020136689519&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22571747b6-cbe1-b5a9-abb3-106ec997a953%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220a186ad0-b44f-e0ef-3e15-c70062ccb9d1%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%2C%7B%22id%22%3A%22b7c3a7d6-6314-876c-b39d-acce46cf912c%22%2C%22tagid%22%3A%22211243eb-11ba-464c-a0c6-ba847f55b0ad%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_211243eb11ba464ca0c6ba847f55b0ad_zone_13175_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5c648b0b18c0625108e728131807e2ea6cb26708931c7f8f13e4d419589a146d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:27 GMT
expires
Sat, 18 Jun 2022 05:00:27 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sat, 18 Jun 2022 05:00:27 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
304
Expires
Sat, 18 Jun 2022 05:00:28 GMT
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5992057-d116-475f-a56f-fd26a216474a&ssp=admixer&gdpr=&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5992057-d116-475f-a56f-fd26a216474a&ssp=admixer&gdpr=&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c5992057-d116-475f-a56f-fd26a216474a&ssp=admixer&gdpr=&gdpr_consent=
Date
Sat, 18 Jun 2022 05:00:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:27 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z56B3E6DAE674F78A0A0FC380DB57CEB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z56B3E6DAE674F78A0A0FC380DB57CEB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z56B3E6DAE674F78A0A0FC380DB57CEB&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache
server
nginx/1.18.0
content-length
0
expires
-1
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3Deaef3e8ad51b...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=aed88965-cc67-40f3-bbcc-51bbcc9b8863&ssp=lemma
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=c5992057-d116-475f-a56f-fd26a216474a
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=9238933f-eec3-11ec-8728-801844df0ab8
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=338f4f5f-a8e6-4695-9669-71dd34e1ec0a&user_group=1&ssp=lemma&bsw_param=c5992057-d116-475f-a56f-fd26a216474a
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=c5992057-d116-475f-a56f-fd26a216474a
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=eaef3e8ad51b439f8299d617ffecd4409238933f-eec3-11ec-8728-801844df0ab8
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=eaef3e8ad51b439f8299d617ffecd4409238933f-eec3-11ec-8728-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=eaef3e8ad51b439f8299d617ffecd4409238933f-eec3-11ec-8728-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=0205e699-1718-52a9-b1ab-9cc6d306c72d
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=0205e699-1718-52a9-b1ab-9cc6d306c72d
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=0205e699-1718-52a9-b1ab-9cc6d306c72d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
idsync
idsync.admixer.co.kr/
43 B
904 B
Image
General
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18-Jun-2022 14:00:29 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
cs
cs.yellowblue.io/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Deaef3e8ad51b439f8299d617ffecd440
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3Deaef3e8ad51b439f8299d617ffecd440&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIyM0FBOUEtMzhERC00RDZELUEzMzMtNTM5RkRGREZDRjEz&gdpr=0&gdpr_consent=0
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUIyM0FBOUEtMzhERC00RDZELUEzMzMtNTM5RkRGREZDRjEz&gdpr=0&gdpr_consent=0&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=0
  • https://cs.yellowblue.io/cs?aid=11576&id=eaef3e8ad51b439f8299d617ffecd440
0
280 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11576&id=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
3.216.198.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-198-78.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
http://zdorovia.com.ua/
date
Sat, 18 Jun 2022 05:00:29 GMT
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11576&id=eaef3e8ad51b439f8299d617ffecd440
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
100
content-type
text/html; charset=utf-8
sync.html
s.console.adtarget.com.tr/
63 B
63 B
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT, Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Sat, 18 Jun 2022 05:00:28 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=eaef3e8ad51b439f8299d617ffecd440
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=eaef3e8ad51b439f8299d617ffecd440
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
144.76.118.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.233.118.76.144.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=eaef3e8ad51b439f8299d617ffecd440
date
Sat, 18 Jun 2022 05:00:28 GMT
server
nginx
etag
W/"88d00a0a251bc6f27bb3c1c46acec436bbf914e58bbd82a72e14444c43efc3aa"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-pe4GGxtE2uFkH1Dc_aw1D7i0c8QVOW7DrpXxsQg-~A
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-pe4GGxtE2uFkH1Dc_aw1D7i0c8QVOW7DrpXxsQg-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-pe4GGxtE2uFkH1Dc_aw1D7i0c8QVOW7DrpXxsQg-~A
date
Sat, 18 Jun 2022 05:00:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=eaef3e8ad51b439f8299d617ffecd440&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3DEB23AA9A-38DD-4D6D-A333-539FD...
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1px-matching-go2net.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync.html
s.adtelligent.com/ Frame 5E3C
3 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8840755246706040&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22677b58e1-3823-d51c-7b17-c0488f4c5f98%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2284bd90e1-70ad-cef6-c789-ec67bbca8419%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2294006fd0-b7be-3730-c100-79c58d70e7f7%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2246818c15-4cbe-db0e-d2a6-adb13427a754%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
42664f9e0f4f18a21091f2eddca5d06ab4a1cb832d47eae22cbca6a6dcdceaa7

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1249
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d9e06798-a675-44d2-8df8-20d92f975ccd
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d9e06798-a675-44d2-8df8-20d92f975ccd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d9e06798-a675-44d2-8df8-20d92f975ccd
date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
pixelSync
pixel.sitescout.com/dmp/ Frame 3AE4
0
191 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7e8db8008544cb3a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 3AE4
43 B
352 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7e8db8008544cb3a%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sa5sq9j23jejbl6qvnbrfva9u6405lqp
ptag
a.audrte.com/ Frame 3AE4
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
543e9f02671e13d4e6fc561d24865c9c91019a7a3c82a9fd6224c8bc5bb3d577

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 3AE4
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:27 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 17 Jun 2027 05:00:27 GMT
um
u-ams02.e-planning.net/ Frame 3AE4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7e8db8008544cb3a%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253D7e8db8008544cb3a%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7e8db8008544cb3a&uid=8890989073348379753
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7e8db8008544cb3a&uid=8890989073348379753
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
18786e1d-bafa-493c-bc4f-88426bd9bd7b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7e8db8008544cb3a&uid=8890989073348379753
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CDAA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Jun 2022 05:00:28 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D43C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=94624
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 07:17:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame E48E
1 KB
988 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame C981
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 3501
7 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25d6f11535532e928c979bcec6cce4a3b573affee1914d560dcc79ea33f8ae6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
71d17623a9cc01e7-ZRH
content-encoding
br
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
media
a4p.adpartner.pro/ Frame ADD9
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 0438
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-15T15:31:05+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Wed, 18 May 2022 15:36:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F6CA
164 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a49ca12d6a5e621c12c4747d0c6fcd7876a5b71cc4c34c11b07f92f9563207e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56329
x-xss-protection
0
server
cafe
etag
5260317051072517239
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 67ED
164 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cad0abc84efa9d7d6013414d63ae9d73b854e711ebb8460fee5510b54c79cab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56328
x-xss-protection
0
server
cafe
etag
12780250676264956238
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=138d8175-e2f8-4586-b3fe-549d96f607a6&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9ed89d6f-f2ee-4d9a-957e-1e0f2b4c1b86&inst=ADS-EU-6&ts=637911252277521778&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=49bccbf5-6aef-443c-8d8b-d5e5938aa176&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252278027235&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=15b9797d-9d3f-43e0-82d0-f1298c8b7f03&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252278027235&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=db79cf4a-3f78-4338-b6b3-a57ff9681b32&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252278027235&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame 87D0
3 KB
1 KB
Document
General
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_65172291402423224&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F1fe50076-f152-4d1e-aca4-ac081f359156%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D40607c47b2326bb29212f7580ba25ac8
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame A20A
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 52AA
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25221fe50076-f152-4d1e-aca4-ac081f359156%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
0
pragma
no-cache
server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3BE7
164 KB
56 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c1b12cd0b9f4b2c59c8680c5003baa750b6a91ef78f86d2ca38167b6796ec7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
8602043458874040792
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
56329
X-XSS-Protection
0
Expires
Sat, 18 Jun 2022 05:00:28 GMT
ev_prebid.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&device=28&rule=323CA158-54EA-47F4-83D3-BA5C22D4CCE1&requestId=3ac5ecb9-818f-42e5-9b68-aa858bedd4e0&hp=1048539382&page=zdorovia.com.ua%2F&segments=494%2C4%2C2&ts=637911252277521778&ap=MA%3D%3D&asign=676817720&sync=3%2C88%2C80&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=E4391929-8523-47EC-9B3C-357AB8574452&inst=ADS-EU-6&pxl=0&pvid=9ed89d6f-f2ee-4d9a-957e-1e0f2b4c1b86&ip=217.138.196.99&item=F34E2A12-1873-45CF-A327-13F884B02F8C&crid=F34E2A12-1873-45CF-A327-13F884B02F8C&size=240x350&profile=4C02EB63-7790-4196-82B4-5362F7AB3A87&isopt=0&adv=N%2FA&dsp=Adform&dstUrl=http%3A%2F%2F&cet=24&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=3ac5ecb9-818f-42e5-9b68-aa858bedd4e0&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9ed89d6f-f2ee-4d9a-957e-1e0f2b4c1b86&inst=ADS-EU-6&ts=637911252277521778&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
getuid
ib.adnxs.com/ Frame 3501
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 3501
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=0302529d-d3d6-4f39-bd6a-07115ec66a7f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7...
95 B
181 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=0302529d-d3d6-4f39-bd6a-07115ec66a7f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d176258b3c01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=0302529d-d3d6-4f39-bd6a-07115ec66a7f&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 3501
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3501
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0%26reqId%3Df8a62767-261a-4de7-613c-a62eb94e3f16%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 3501
0
163 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1655528428.336220,VS0,VE24
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6951-MXP
u
dmp.v.fwmrm.net/ad/ Frame 3501
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:8513:7dd7:332b:6625 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a627...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d1762c486401e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
date
Sat, 18 Jun 2022 05:00:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=9fd7238f-dd73-4f9f-8b51-d3bd1ebcbf0d&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=9fd7238f-dd73-4f9f-8b51-d3bd1ebcbf0d&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d176261bad01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=9fd7238f-dd73-4f9f-8b51-d3bd1ebcbf0d&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=22777325864304179063780404123747324637&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=22777325864304179063780404123747324637&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17625fb8e01e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v034-058ca741f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6PItwXFhRv8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=22777325864304179063780404123747324637&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 3501
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7110440455866742923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7110440455866742923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17625eb8501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7110440455866742923&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 3501
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=FV/LUlcd4353Jry0cyyVmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4d...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=FV/LUlcd4353Jry0cyyVmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17626bc1501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
last-modified
Sat, 18 Jun 2022 05:00:28 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=FV/LUlcd4353Jry0cyyVmO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17626ec3201e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0
bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/ Frame 3501
0
0
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-vrg2eMhE2oq0T3ABSXIzW8ttLIsVrY21sw--~A&zpartnerid=570&env=mWeb
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-vrg2eMhE2oq0T3ABSXIzW8ttLIsVrY21sw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17626bc1601e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-vrg2eMhE2oq0T3ABSXIzW8ttLIsVrY21sw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=dXClg%2FprakoNNLtH6cn3hG7NKJhQ%2Fl7%2B%2BS41iYitP1U%3D
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=dXClg%2FprakoNNLtH6cn3hG7NKJhQ%2Fl7%2B%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17626ec3701e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=dXClg%2FprakoNNLtH6cn3hG7NKJhQ%2Fl7%2B%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 3501
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 3501
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.64.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-64-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1655528428
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 3501
95 B
359 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yq1b7AAJwvaGzAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yq1b7AAJwvaGzAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&_test=Yq1b7AAJwvaGzAAo
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17628bd6701e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655528429.821471,VS0,VE0
x-served-by
cache-lcy19222-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=Yq1b7AAJwvaGzAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&_test=Yq1b7AAJwvaGzAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 3501
0
206 B
Image
General
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-56.fra50.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
ybiz7pnuG7oxgUzwPO6OLLLBW4bwKGi_1_a4n5iluds9aqRGYGrrxg==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame 3501
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
54.76.64.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-64-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1655528429
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
date
Sat, 18 Jun 2022 05:00:28 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3501
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd...
43 B
645 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
54.239.37.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1J1F59HW906GNSQNZ7M9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0933FEY6VWRKG5MWM7NA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 3501
0
225 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 3501
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17627dcc401e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
date
Sat, 18 Jun 2022 05:00:28 GMT
cross-origin-resource-policy
cross-origin
content-length
0
d
ic.tynt.com/r/ Frame 54B8
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame 5C46
1 KB
996 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
033a53416c1a8de97aa263b853cccc6c938fabce45a09a6938f963368b674c1b

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
691
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 7389
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1DA
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=94624
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 07:17:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 9322
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8890989073348379753
0
390 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8890989073348379753
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:28 GMT
Etag
589f7a4a25a5e1a0
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
3d9414db-bda7-44db-8479-922475b51782
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=8890989073348379753
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
/
ads.us.e-planning.net/uspd/1/ Frame 90AA
2 KB
963 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4440b4ee008d9f1725a1df1257da07a2d2d6aa238e4b9569cff88dabcc240a9e

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
Sat, 18 Jun 2022 05:00:28 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
csync
sync.adtelligent.com/ Frame 98C7
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5b76564d-22ef-4297-b56f-11b820420fd9
0
407 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5b76564d-22ef-4297-b56f-11b820420fd9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:28 GMT
Etag
589f7a4a25a5e1a0
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71d176251aca01e7-ZRH
content-length
0
date
Sat, 18 Jun 2022 05:00:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=5b76564d-22ef-4297-b56f-11b820420fd9
server
cloudflare
sync.html
s.adtelligent.com/ Frame 8E8D
2 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
713b1f4af50233e8a002ae691629fe3a3ff822aa59549efa3b12edba2742e8c2

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
895
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:27 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 5E3C
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9e06798-a675-44d2-8df8-20d92f975ccd
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9e06798-a675-44d2-8df8-20d92f975ccd
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 5E3C
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
date
Sat, 18 Jun 2022 05:00:28 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 5E3C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8890989073348379753
0
390 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8890989073348379753
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aef7a48b-76b2-4cb0-98f0-e7b0ae631676
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8890989073348379753
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5E3C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=5a7d1f8a-84ff-44ec-8e7b-1ad356ea374f
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=5a7d1f8a-84ff-44ec-8e7b-1ad356ea374f
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=5a7d1f8a-84ff-44ec-8e7b-1ad356ea374f
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
eqtcrf12n01l4p7vnv1m5sibt2qcli40
pixel
ap.lijit.com/ Frame 5E3C
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:28 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame 5E3C
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

csync
sync.adtelligent.com/ Frame 5E3C
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=eaef3e8ad51b439f8299d617ffecd440
0
403 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=eaef3e8ad51b439f8299d617ffecd440
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 87D0
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_65172291402423224&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F1fe50076-f152-4d1e-aca4-ac081f359156%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D40607c47b2326bb29212f7580ba25ac8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fbad9dc1e6fef17269b949d872b1f58ffaba7e151fa7673b86c684563c35d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39791
x-xss-protection
0
server
cafe
etag
10411242319929322329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D43C
6 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=67535841&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
498e70d10508acefa3670ef3a1de3a9b252fede49222f69ec64d5b8ec66f5653

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel.sitescout.com/dmp/ Frame 90AA
0
191 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7ed9cdc1beb8ef27
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 90AA
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
gg3bs3ceaquh1lgb5h42qdt2kqn6f3ps
ptag
a.audrte.com/ Frame 90AA
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
543e9f02671e13d4e6fc561d24865c9c91019a7a3c82a9fd6224c8bc5bb3d577

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 90AA
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 17 Jun 2027 05:00:28 GMT
um
u-ams02.e-planning.net/ Frame 90AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ded579bb-655e-4f21-9ddb-6e7c979a4eaa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CDAA
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41601
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sat, 18 Jun 2022 16:33:49 GMT
usync.html
eus.rubiconproject.com/ Frame 3BB2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Jun 2022 05:00:28 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2F19
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=94624
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 07:17:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 57BC
1 KB
988 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 943F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 57EA
322 B
657 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb5fad81b9af9a0fa3f5574dbc0294f8babc522f2f44f31ec9ef54f983ca557

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
71d17624eaa901e7-ZRH
content-encoding
br
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
c.html
cdn.admixer.net/scripts3/46506/ Frame 1719
738 B
419 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc32
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-15T15:31:05+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Wed, 18 May 2022 15:36:34 GMT
khaos.jpg
token.rubiconproject.com/ Frame CDAA
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
dsp.aspx
ads.go2net.com.ua/
5 KB
2 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5093867744358000&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22957e1afd-f17b-346a-f087-ef2966dc72ce%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22d78a3683-5edd-e7df-b3a4-8a75c9582048%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ce39bcc2263a3cd16e47ae1527b8d7ee5bb65b46252999a238dd63ca29cebca6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1887
X-Xss-Protection
0
mw
mwzeom.zeotap.com/ Frame 57EA
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=7a0daae8-7d41-4a79-678f-99aadd767b0a&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=7a0daae8-7d41-4a79-678f-99aadd767b0a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d17626ec3401e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=7a0daae8-7d41-4a79-678f-99aadd767b0a&zdid=1361
date
Sat, 18 Jun 2022 05:00:28 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame 3BB2
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41601
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sat, 18 Jun 2022 16:33:49 GMT
csync
sync.console.adtarget.com.tr/ Frame CD6A
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5771192511099334769
0
406 B
Document
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5771192511099334769
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:28 GMT
Etag
f46b4e9de06a6769
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Sat, 18 Jun 2022 05:00:28 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5771192511099334769
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 5C46
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=f46b4e9de06a6769
0
403 B
Image
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=f46b4e9de06a6769
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
f46b4e9de06a6769
Content-Length
0

Redirect headers

Location
https://sync.console.adtarget.com.tr/csync?t=a&ep=318342&extuid=f46b4e9de06a6769
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
f46b4e9de06a6769
Content-Length
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame 87D0
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
6897824556669791418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 22E3
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=94624
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 07:17:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F5E0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Jun 2022 05:00:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.spotim.market/ Frame 9028
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=8890989073348379753
0
386 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=8890989073348379753
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:28 GMT
Etag
589f7a4a25a5e1a0
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
191b490e-00ff-40ae-839e-c9fadc56a626
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=8890989073348379753
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
csync
sync.adtelligent.com/ Frame 8E8D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yq1b7CMSAqsT5-pQYqA69QAA%26301
0
399 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yq1b7CMSAqsT5-pQYqA69QAA%26301
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=Yq1b7CMSAqsT5-pQYqA69QAA%26301
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
278
Expires
Sat, 18 Jun 2022 05:00:28 GMT
csync
sync.spotim.market/ Frame 8E8D
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=
43 B
321 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:27 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
gpu0sp9i7kpp1c3lj60cp6vj5cbidq10
csync
sync.adtelligent.com/ Frame 8E8D
43 B
323 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
VertaMedia 1.0
Etag
589f7a4a25a5e1a0
Content-Length
43
Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 3AE4
47 KB
15 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 18:41:54 GMT
content-encoding
gzip
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
37115
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
D5D9q3l9Z-aeXpAVTkbloD9ecynugnVQWlX_as3cKi72QVZKalY-VA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame A9C6
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"601b131c-27c"
expires
Thu, 17 Jun 2027 05:00:28 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame 563A
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AA7CRTmkhoAqAcvF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Jun 2022 05:00:28 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame 3BB2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame A9C6
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1655528428496
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
media.min.js
a4p.adpartner.pro/apstc/ Frame ADD9
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 62AE
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sat, 18 Jun 2022 05:00:29 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 792B
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
6878cc39c6cc495ccec724032941f9b04f0ca1652d6d6913719e3bede04b00f8

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:28 GMT
server
nginx
c.html
cdn.admixer.net/scripts3/46506/ Frame 9FB6
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc32
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CDAA
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame F5E0
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41601
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sat, 18 Jun 2022 16:33:49 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 90AA
47 KB
15 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 18:41:54 GMT
content-encoding
gzip
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
37115
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
MnC_JJ3Bbsz1cIaw4rqRMkFuLjn83ux-ZupOUnscDVWljgZ1I-ENOw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7FF4
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"601b131c-27c"
expires
Thu, 17 Jun 2027 05:00:28 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 485A
0
387 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AA7CRTmkhoAqAcvF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:28 GMT
Etag
abba870bb23fba7e
Server
VertaMedia 1.0
media
a4p.adpartner.pro/ Frame 792B
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
de4270e83db860b53ffa4adf95e9dbdd6392a3813fb54cb13fe258fdd714e338

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=2&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame 67ED
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e6a0c64b4a7981aa23428a74a873d07e312a7999336272d049e2b28cd37c92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
17497724915816398187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame F46C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
31480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 20:15:48 GMT
etag
8616628553774171045
expires
Fri, 01 Jul 2022 20:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame F5E0
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame 7FF4
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1655528428758
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame F6CA
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e6a0c64b4a7981aa23428a74a873d07e312a7999336272d049e2b28cd37c92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
17497724915816398187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 87D0
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 87D0
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A8B4
73 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c891b4573deb77134d5e06ea8da8e89ca0000a0c2f7c97ca1b17f8279b84d428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
26429
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6A51
56 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dce3317e4e31854ac210f5546d82dbb98ab17676cf96f920a4231cacfdd43ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
23763
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
media
a4p.adpartner.pro/ Frame F8DB
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=eaef3e8ad51b439f8299d617ffecd440&redir=[RED]
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cm-notify
creativecdn.com/
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT, Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=eaef3e8ad51b439f8299d617ffecd440&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30%26us...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=0205e699-1718-52a9-b1ab-9cc6d306c72d&ssp=admixer&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://inv-nets.admixer.net/bs/cm.aspx?id=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&consent=&gdpr_pd=
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&consent=&gdpr_pd=
Date
Sat, 18 Jun 2022 05:00:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pic.gif
pa.tns-ua.com/bug/
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0
content-type
image/gif
expires
-1
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 99D8
2 KB
993 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5093867744358000&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22957e1afd-f17b-346a-f087-ef2966dc72ce%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22d78a3683-5edd-e7df-b3a4-8a75c9582048%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a47acc0b92a6ea61ab43eb578d2ff72eff98efae7c038e0169317f887207170b

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
Sat, 18 Jun 2022 05:00:28 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-601
/
onetag-sys.com/usync/ Frame E1A9
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5093867744358000&cpv=d92c641e-85a9-457d-c452-7331480cfe13&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22957e1afd-f17b-346a-f087-ef2966dc72ce%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22d78a3683-5edd-e7df-b3a4-8a75c9582048%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=25894354-48f4-49d7-9845-6c032b755889&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252286761048&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:28 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync.html
s.console.adtarget.com.tr/
63 B
63 B
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=eaef3e8ad51b439f8299d617ffecd440
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame 3BE7
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
6897824556669791418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 67ED
219 B
647 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
c3f1a25bb7eb1868d1d49d105b6258c216e98621508b0232f0da4990a3bbad19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 67ED
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 67ED
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3DAC
87 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6bbc3e3680c3f70fc45eb6da89c56eb004819c74c43e612a88bb16c443a4afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
32995
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 67ED
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b406f9836e39bcde1407fb83870e3dd8bf4ec3a7138667a896f9d0550623ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10586
x-xss-protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame F5E0
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
pixelSync
pixel.sitescout.com/dmp/ Frame 99D8
0
191 B
Image
General
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D7ed9cdc1beb8ef27
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
prebid
rtb.openx.net/sync/ Frame 99D8
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
t2mf0q2nqgfes5n8uik4p9lkkk9hq2hh
ptag
a.audrte.com/ Frame 99D8
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
543e9f02671e13d4e6fc561d24865c9c91019a7a3c82a9fd6224c8bc5bb3d577

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:28 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 99D8
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Thu, 17 Jun 2027 05:00:28 GMT
um
u-ams02.e-planning.net/ Frame 99D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D7ed9cdc1beb8ef27%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:28 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
39522145-229d-40de-901d-6028842159ac
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=7ed9cdc1beb8ef27&uid=8890989073348379753
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 0D1D
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd866b1b8-d7fa-484c-9492-34710e4ce109%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI4LCJzaG93X2lkIjoiZDg2NmIxYjgtZDdmYS00ODRjLTk0OTItMzQ3MTBlNGNlMTA5IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D7b799a9cda764d53aabd8acecbbf5261&showId=d866b1b8-d7fa-484c-9492-34710e4ce109&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 61B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 18 Jun 2022 05:00:28 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 18 Jun 2022 05:00:28 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC64
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=94624
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 07:17:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9157
1 KB
988 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 293E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame E130
322 B
665 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafe1c6c712bcc6b09de2739ffaff263b8c40efc85177850ec348eeca8f7c985

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
71d17628fd8f01e7-ZRH
content-encoding
br
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
if
a4p.adpartner.pro/tracker/ Frame EB86
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame E929
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d866b1b8-d7fa-484c-9492-34710e4ce109%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:28 GMT
expires
0
pragma
no-cache
server
nginx
cookie.js
partner.googleadservices.com/gampad/ Frame F6CA
219 B
270 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
10ace273fe1b5fd75ff60b49ac8538aaa7146b6657aefe6b6b7caea2e145143c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame F6CA
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F6CA
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D055
20 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97f32e91299bde607792073c91ef8126fed3cad7fd85fac03fd7ec491925c778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10733
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F6CA
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1a15b8570e28e22cb06091c917bec0b136a46100f856dba51b96b34b52f0fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10504
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3BE7
219 B
268 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
973eae95fe89b961d73d4c9bbda445bb635a1f612344a3a856ddf7b14ada3a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 3BE7
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3BE7
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2919
20 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01be294156c8acb3762d3790f451b165b9cd4d1123ed7ec7c060aecb5c345a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10846
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3BE7
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89fd4af64417c1e293ed1eacc3059b01562fa8257c797fc0139fe8563f724195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10767
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0D1D
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd866b1b8-d7fa-484c-9492-34710e4ce109%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI4LCJzaG93X2lkIjoiZDg2NmIxYjgtZDdmYS00ODRjLTk0OTItMzQ3MTBlNGNlMTA5IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D7b799a9cda764d53aabd8acecbbf5261&showId=d866b1b8-d7fa-484c-9492-34710e4ce109&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fbad9dc1e6fef17269b949d872b1f58ffaba7e151fa7673b86c684563c35d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39791
x-xss-protection
0
server
cafe
etag
10411242319929322329
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:29 GMT
media.min.js
a4p.adpartner.pro/apstc/ Frame F8DB
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 8B2E
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sat, 18 Jun 2022 05:00:29 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame C06A
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
04f03301da92131889e42b6df23e9e33b0ba12e706ee463b32a22bdf7551856e

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:29 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F6CA
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 67ED
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
mw
mwzeom.zeotap.com/ Frame E130
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dd29c1...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=a3b68edf-ad91-475d-4ef5-f223083ddf49&zdid=1361
95 B
176 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=a3b68edf-ad91-475d-4ef5-f223083ddf49&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
71d1762a1e4501e7-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=a3b68edf-ad91-475d-4ef5-f223083ddf49&zdid=1361
date
Sat, 18 Jun 2022 05:00:29 GMT
cross-origin-resource-policy
cross-origin
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3BE7
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
usync.js
eus.rubiconproject.com/ Frame 61B1
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41600
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Sat, 18 Jun 2022 16:33:49 GMT
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=211243eb-11ba-464c-a0c6-ba847f55b0ad
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 99D8
47 KB
15 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 18:41:54 GMT
content-encoding
gzip
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
37116
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
x-amz-cf-id
34hP8XSRGHl_UqunL55DJeHLyA8qebV12XqcUHc-AmjJ3HcYsHcdug==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 0855
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:28 GMT
etag
W/"601b131c-27c"
expires
Thu, 17 Jun 2027 05:00:28 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame 3A65
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AA7CRTmkhoAqAcvF
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Jun 2022 05:00:29 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame 0D1D
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e6a0c64b4a7981aa23428a74a873d07e312a7999336272d049e2b28cd37c92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
17497724915816398187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:29 GMT
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
css
fonts.googleapis.com/ Frame A8B4
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 04:40:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Jun 2022 05:00:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Jun 2022 05:00:29 GMT
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
media
a4p.adpartner.pro/ Frame C06A
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
0248d7c751e5cf041251a64fcb1bdc4da8ede013e07bb06efb3737389374c67b

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd&session_pageview=3&session_id=94d1eccc-af03-4a50-a207-7da9100d5cf5&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
4845383948256783868
tpc.googlesyndication.com/simgad/ Frame 6A51
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4845383948256783868?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnjaAPPUEDGjHYOo8_ChZLQUkESpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00a42a3f93c0d989a715e5e3625caa7102bd6e85ec6d6bbcf6d666c3c2ca1c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 20:31:41 GMT
x-content-type-options
nosniff
age
30528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6089
x-xss-protection
0
last-modified
Tue, 24 May 2022 23:32:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 17 Jun 2023 20:31:41 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 6A51
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:40:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 6A51
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:44:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A51
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 6A51
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:55:07 GMT
l
www.google.com/ads/measurement/ Frame 6A51
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQz36tGsCwWDti6idR0YFx8rIvYk5xHTqBrGwDIikXY_eEYfks6hWRcTgPKyPbbANM7b78Tfp8GOgC0OqyILnRGw3wuA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 6A51
31 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 19:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12864
x-xss-protection
0
server
cafe
etag
4287797001720200766
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Jul 2022 19:23:10 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=15b9797d-9d3f-43e0-82d0-f1298c8b7f03&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252278027235&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=db79cf4a-3f78-4338-b6b3-a57ff9681b32&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9cb8997e-6ba4-46db-b560-2d4bb741a898&inst=ADS-EU-6&ts=637911252278027235&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame 61B1
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame 0855
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1655528429139
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A8B4
2 KB
983 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:48:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame A8B4
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:40:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A8B4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:44:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A8B4
137 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame A8B4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:55:07 GMT
l
www.google.com/ads/measurement/ Frame A8B4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbAcQcqhwCxsq0GxQ-APpT7rB4z6-nVOMaArw7nQaLB9nU6x9Rjz0y3tWMYiy8TSSIhVmaeDzzVU7o1Rb9yUKACpvVVA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame A8B4
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 03:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 03:25:38 GMT
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=eaef3e8ad51b439f8299d617ffecd440&cet=9&zone=211243EB-11BA-464C-A0C6-BA847F55B0AD&rule=8031EB30-F8BC-4C42-B0CE-47540A4C2D9E&requestId=3ac5ecb9-818f-42e5-9b68-aa858bedd4e0&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9ed89d6f-f2ee-4d9a-957e-1e0f2b4c1b86&inst=ADS-EU-6&ts=637911252277521778&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 0D1D
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0D1D
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A0E0
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820316&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528429067&bpp=8&bdt=82&idt=109&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=5934688548278&frm=8&ife=1&pv=2&ga_vid=1321067920.1655528429&ga_sid=1655528429&ga_hid=261691692&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1373777333&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=2788399133417738&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.pjcuxn1nk4ma&fsb=1&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ptrack
a.audrte.com/ Frame 99D8
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.99&p=M1353665098&artime=2022-06-18T05:00:29.200Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
041b720a27ba9cd900698269aac9715cad486a2e6fd636c0f552b13db85dd618

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 99D8
155 B
629 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 18:41:55 GMT
via
1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
age
37115
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
x-amz-cf-id
u2tM2qx-xjbh4Cp9aUsT6wf1gGVUGGBUEdn0SuawJ2zzVyqWEi82MQ==
s
googleads.g.doubleclick.net/pagead/drt/ Frame B75E
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1066
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:42:43 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40E9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E27B
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36a8da27761c6a7da49ef118a7fddebe35de19ba42686eb05cb25d47cd8bbecc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-myiX9CCYT6UB3bZRhcwbzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-myiX9CCYT6UB3bZRhcwbzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame B75E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 05:00:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD0C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D404
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1ea884399a98d6eb39dd9052e1b92f88bfe3570a2ccedba802c806dde93793e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TNWQWVDKVkLKdTl02XoqyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-TNWQWVDKVkLKdTl02XoqyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 970B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 992B
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a677c56a225d794f990a2bdb8176317e4a96c9a0e635ec1ee7ff286e91d889b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g5J31JM531h5bUPhD9FMmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-g5J31JM531h5bUPhD9FMmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:29 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame F82E
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd71ffa45-195b-44a8-8427-c26a54bc3720%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI5LCJzaG93X2lkIjoiZDcxZmZhNDUtMTk1Yi00NGE4LTg0MjctYzI2YTU0YmMzNzIwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc71fc3a8a2a98ab540d39a3e148fb64d&showId=d71ffa45-195b-44a8-8427-c26a54bc3720&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jun 2022 05:00:29 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
data
bcp.crwdcntrl.net/6/ Frame 99D8
20 B
312 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.26.110
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
if
a4p.adpartner.pro/tracker/ Frame A72C
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 6FD1
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d9e06798-a675-44d2-8df8-20d92f975ccd%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522d71ffa45-195b-44a8-8427-c26a54bc3720%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
0
pragma
no-cache
server
nginx
p
a.audrte.com/ Frame 99D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 99D8
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5771192511099334769
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 99D8
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
css
fonts.googleapis.com/ Frame 3DAC
6 KB
672 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 04:21:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Jun 2022 05:00:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Jun 2022 05:00:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 3DAC
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:48:44 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 3DAC
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:40:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 3DAC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:44:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DAC
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 3DAC
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:55:07 GMT
l
www.google.com/ads/measurement/ Frame 3DAC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCIhdagf_Lu3OwDTHXyo18VrqhqWhrlNZGXE1x9jLksC481VvRto2NwhCHVL3bDl5JGcKmU8RwfCQqQbitso9sU9T_ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

6609dd9ea225b203b979e97d717528a7.js
www.gstatic.com/mysidia/ Frame 3DAC
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 03:25:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
178491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13085
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 02:25:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 03:25:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E27B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2243736371601816&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ptrack
a.audrte.com/ Frame 90AA
368 B
880 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.99&p=M1353665098&artime=2022-06-18T05:00:29.399Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3081fdb997550e1b562838d4d04e31fb73a67749cda8dec8c58cf9381a91e955

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 90AA
155 B
629 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 18:41:55 GMT
via
1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
age
37115
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
x-amz-cf-id
vUj5ADSv9SKRms4a7O-gSKAbkgPI84OzJ3YHUi4ZACqralry_IGmig==
adview
googleads.g.doubleclick.net/pagead/ Frame 3DAC
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEkQy7FutYsOCPZWNjuwPr56WsAHuws26auChqMGbENzZHhABIKzk9ghgu4aAgNAKoAGKs56vKMgBCakC2UbBgmGBSz6oAwHIA8sEqgTQAU_QrQVXv4XLn9jiOdJ3-DWYLWauZExixaENWshq3GmzlbHW0unoiMiJyo48IVKEat8SEncaxLnq-9rKR5xf6VJ2CyVIUNXcIfghOFlce1kpXKT_WCQjMwRak8IUSuQbD2tsKYe6k4uwc3yPFGDPE4If2RM_uijaCzwTjd3CEiGmw-XN-D8X3436MQL2eZuQMB0Zqq79OlNBFg7FeuRWMHH5LmRXrcobNyic16MLw5GHatUJq-tm9FkZKZ4wjhyXrA0mViLOCJB5wF7ap8aasGHABKGx9PqEBKAGLoAHiuvujgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCY4wbSCAkIgOGAEBABGB-ACgHICwG4E-QD2BMD0BUBgBcBshccChoIABIUcHViLTQ1NzcyNTQ0MzU1OTcxMDQYAA&sigh=TGNvq12LW-w&uach_m=[UACH]&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0D1D
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ddc22e9d23840a7b5d4f182317729bc3a78999d146651a19ee891e1524f82e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10623
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D055
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTcVFE2c_wO4NlZzF2aJt6e4dETEQCNMAU-zVJHhs3moR1xtNLlcWdEfpKY7MyB146hGSXGBWcsS4n5j2eRYqcvYUZeuNUQy4fYbnXXqewht_spkk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145646/dcm/ Frame D055
234 KB
71 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145646/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1b599314de4de0c9b6328caf1b7a000264104d924783652feef6e3723cdf7a1a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame D055
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690042&dealId=549644393847897261&adsafe_par&impId=ABAjH0hFtna62DbYbgwRkd0ebjJO&bidurl=http://zdorovia.com.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
899d15258aeeae0290bc6105c829ee74ea051be865c11c40f4d62a627d225f7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame D055
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:44:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D055
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame D055
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:55:07 GMT
l
www.google.com/ads/measurement/ Frame D055
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsmCOYHkNL1iw4XeFB37rCTXzfO0i3XROHJb7QWCVKVtQgCPF1SbLm7XW1VB7c5mBxvOxppF8ClWojiQKhLCgkqZy_yQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

downsize_200k_v1
tpc.googlesyndication.com/simgad/7873500028011805191/ Frame 3DAC
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7873500028011805191/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67f2309f738daf8efbf8a4553ffaccad9a09af416d0928436c6eebcbb82a8b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 18:53:32 GMT
x-content-type-options
nosniff
age
468417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12345
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 19:49:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 12 Jun 2023 18:53:32 GMT
truncated
/ Frame 3DAC
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F82E
117 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fd71ffa45-195b-44a8-8427-c26a54bc3720%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI5LCJzaG93X2lkIjoiZDcxZmZhNDUtMTk1Yi00NGE4LTg0MjctYzI2YTU0YmMzNzIwIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc71fc3a8a2a98ab540d39a3e148fb64d&showId=d71ffa45-195b-44a8-8427-c26a54bc3720&apuid=d9e06798-a675-44d2-8df8-20d92f975ccd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c034daef6117147838e13f45c7d42eb266865306f538f75f563f1e81ede8c0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39791
x-xss-protection
0
server
cafe
etag
17784607986944881370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D404
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=3733430330646665&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 992B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=1127361340309303&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame A599
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D055
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGIMamDUPQpCSDEeq67PVXCW2gtlyvMQQgQr4tBqEGwkD020oYUH2BEwXc3D_pEmCgKyiiViCVWHV2h-N0ToY71L77Jc1yT0a1pNmzlSW6O_FR7CgaFfXz5QoOvN7OmV0lKY-UZ1lRhIPptfcJmzsEizWOcg&cry=1&dbm_d=AKAmf-DgiN3iJxOlKd1_qOpwikhiuKf9dHgx-uTzN7LA_ieV_tbwcsFXdit8obJ6HMgfDDc0-Ckp55wCjyUfdMXatal42IMyNze1Cg_LYpwMyrGJoaVe44kWSZYYyQv50zL74SM02jfcwBKOclKJwGk278oVbd0ZTjNB4ZjmXGVbz-ZEF_hmZrfUMXBEPhuXNyjqp9RrnAlVgNY3tL63PBGg7nLYB5mxYDyLVWNOteTNoU6HkXvsvWuwRh2XkJHLlVughMDTOYwq0sJpKPyQxXogloKLnwTl9qP5aZFxIzhpM7EAsbBq-gkvSLg3WJZa_kbxpE0qGz4a90WaXgjjxKxSTAkOD6gTh1NCN_ZNDEBXZAJFmpzyD5oTDYNsaABshxPJVpSQ_std8m59VHleWAAoDFC90T2F2Ollb2jWbKZpO0FhFlD9lOieLNzYfLxMuA3fLwFKU-UsmfjW3XaV8Frbi1RhlYf3r7tZVte1gcGLyOz4KD016dM0uKnD4cKJXbviTBdgfPqP8_tJzNLIihA5zY6YswxdvwwOvLgeWUbnlfcCbcVgp4x8sp8z9uQsn19BZFkIS0ynMD1nJpEphSOBlcJ7QKhTlaQrH9UJ7ceUNRL5AzY-64mx_Nc4TtmG5AAiVJQhWc_ArnPlB-jPVn_eqV12nWauSza6c3gSFEo40lNXJcjLYtVfCvCQpHUJAi3TK7Kk6obkagWIJ8qhtJWQLR8U6oEsFC3Lap_3vGfhN8N2zodHK8nZxvP-NAF201mZ3fCAmNaB9WjofdGwM6XXDhakqZFFWRfupMUn39Js3hG3hwMLdnI0LDmBjOt_fzHgSIjPaBPIujM3AMS_fYdYCeoVuvNN-b84IouyksDwRX0wqJy7XwZHbA6zwCXl8e1-mCgS4XbYD8wVWpoJ4P8zfRsangH1ei-w7nBvIH9d1gOEEJwRLJen9pGVNcBxDPq6y_UJ2D7wVl9IHFqpQyMY28Q4lH0TkK9gPCpim4kmlLh9LAUrPxMBiHMjUSgJ1HKcODF2cE0vm3GqJvwYwFHz-Ck8ymQFlIB6EuhBEkT3T1aPLe7JhWzW8J7JeriH78HKUO0P7YTET0pGWUliW0_fs4VmYc0IOvGpfFZkERdbyzKEX4LcBYmuiBQbUdI5MPJy3V45KjG8WInMZAHd95TcBNg8VVPbwZMNwAlFCs5LVgAh3oFNpfA42I8Lpf4Ttl_qsHyBpTlujwYareQ80MA1sWxz5dKzaDJGUJwR3-yHXadfZP9StFvZGAqLr1uBrnsb6_-hNNOB2Wt5HiYkegyItQecKZkFZRUGKbhwKWaBxxKB75xKw1iomLKSjcFkVwQZuPuQd96CkQIn6TrGiF3nMp1hNi_z8G6dQcPnHF2cEWBuAS2RtTebJICAof0wN1ZvdAyEQ2mSzOjdJActpVlqI50G5rdUrxkRPj7poCp4b-4DOwAceDanVbDMonorQ2H1csFXCNfmpDa1iHyxiCKOQqut3ABfdhjsiC1Yfit_vh5_QwNSkQvoYJfUlB-eGRJCIzRa1TbRL8ttnZdYFt76arZl8jmr64WXp8E9VpP3LUQLTHsKa7JmSVMzzScZwEhfinuF0i3kNxjpGWlYCDcpPAotA8rSk0rDWWxMir6gV2OebBPJyJu8n38TsDOFgngwo2QJalaHsjvkEa-zFCvTi1cKjWls3XcLyT5_e2kBZDRwUbhmJMFyei1_FDAuulQEmshdN2owkKwwNYS5ACRKlO-gWUNGxOlq-AgLXcmcoqfCgf6kPmtxTdCykxNXQBXJZ4T0hhjsQ_G-TUKEJWADJMbrIWrYJOjXLoFtVAVFiXjLMF3r5zREPG8SJSZisiRKIA2IOrKcnP6wALEk_oJ7oiQr90SZIdeo6BPuejyggvHkpDobH91bjYxU-L-KMxCUKvcJ9YTgMYe3DH_R5HKpbDnwEAL6sLUi7IqZvXDU62SsIe6n18cngUTvW4udvzvNYiVkOFm8Mp4EL6CTVk5qa2V72cZNu9uId5z5jra4f3aM-Bib6r76FfNVO95TEbpTFZQTsJah4jhxkHd5CAjUhAh284l1xss6lKC9fPlhjFOck1NA7kjoXvzzSrfZm-fuzxFxPGaMwEP1Tviyd66HO4vPZMj5dTTQxX4s0rs06C4BLJqGjTdK54AiC0NtbYBdQI60VbMZO0_xWK12punYo_F3qX8wq0byoHb63jlucoiKn92AHWt7hFgnlYxGKVYBn9IcvxOjZzoBO3UMSCaKFxiO-KEMpFxK-ciz-YQ5vs3-2QDH4GbGRKqHuSpd5lNGD0sVlLIXZdYkoEGP8ZthrCcfApSEOZVcyG_DSHX_5cyPEeGb5vIl-19E3P5z28S8m7D5gS6s5VrXSppOou5wfT_bEQ5Swxk_H95lnga3xicdvi44Ym6dpbbPxcsPdsxDtZhuvZevGsnsW5KPSy8QqsKl7r16zDOvik-XQc0PaTNwo-SB2EKaLft_--M6PizDCJzgPLlgz-0TdRhU9xmZoURFYUIWLqeoZjfSHmN0xcdPYvG4XdTY2oQa7o7HV02FlDtuP7-97UTt-b5aY5H2H_dCEfURvWQzzkv6h-OHo-JmMXSEXF36mNrB6t8JS2dhR4io2pPvo_O04tDVjqiu_Nl-YTWiHsD2-pay8uKo-jKwXA9ebvQWmxtcAcRIIGXr4gClrRrXxGA5n9o8ALR985m226wFtyi_P8fTeUepN9JE5pyFWwSPr6B-ugqd0aNqET3exH_VNReqOe73jTH6zrIcYkzbFYrmb7hY3nUXDLIh6CxCTOuDxGk6nJUx9Q-PTkkPQLui7xoBNxC8XpK2UJ6D7dCW1KpMABVcN6t8hsXuE8gd6BwhnN6lLyodG0DAufpsM46rnHy-n70J65UtMpPN9d9gEXgugElmGLZP2t7qY0aa3DpHvwRinVnuKmHRbK6Cif8F7kAU5cuLicbVgyS-ykXk57MuggL8Rn35sxb7fzzxYHo4HLBOb_bP5TeAzBROvWYvYbby1-wtSJccFLox-uw91oH70ope5eeqs3JXvkb-pBsTbi17FTWpysSLYX4SonbEfUobF4c5oOFAI0IRyRBAXw8NIEbZf-VjCQnK5EYIMu_Z66oOcic6Zaozl38v5dwk3VDTULx-m-FTczk5IwCwH0Xd4EJI8Ausj5sItI0281M&cid=CAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca17b78a061d3cf3646f02a1190569af9a4c7f65a589825dd4ababd2b8a3312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16222
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0D1D
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 2C10
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2919
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOfVRVqi3o8rL10C72F076vizWnvwJr6fcK6vpqCsdPwnS6jj2FIlFq18Lf6hVx7H7feDsKQoHlrAPpux1FbjM8CnJfLKkemc9uW4KGyFCuR0OyQc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145720/dcm/ Frame 2919
234 KB
71 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145720/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
318b465c266078e1fd5ee3a2abf43aa238f70bf53f6b4716f317f1035b606aa5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 2919
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690541&dealId=549644393847897261&adsafe_par&impId=ABAjH0g57o1cskOXV5Ee1pqlEGIt&bidurl=http://zdorovia.com.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a2b25b3a0039520af25c01dd7f6369a7eb6f9290ca4f834ed16a5a7c7fd15340

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 2919
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:44:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2919
137 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 2919
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:55:07 GMT
l
www.google.com/ads/measurement/ Frame 2919
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSxT1bwA6HMyJ3HqZyyKfYGa4Vtf3kXWT7riulENrTejA4Vy5__41RzTJeqemafSvEVdgKiaGFacOEOWGxf6w8eLGlwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

data
bcp.crwdcntrl.net/6/ Frame 90AA
20 B
312 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.14.190
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
match
c1.adform.net/serving/cookie/ Frame 709D
35 B
467 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 430A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yq1b7AAJwvaGzAAo&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yq1b7AAJwvaGzAAo&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 19:36:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yq1b7AAJwvaGzAAo&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lcy19222-LCY
x-timer
S1655528430.531003,VS0,VE0
adx
match.prod.bidr.io/cookie-sync/ Frame D6EE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKalFrN0ZXcmdBQUJTMl9CbDZ5Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B
Document
General
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.170.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-170-21.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 16FC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3cb862ad-5bed-4300-ac8a-1fd20d146b14&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3cb862ad-5bed-4300-ac8a-1fd20d146b14&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 18 Jun 2022 05:00:29 GMT
Expires
Sat, 18 Jun 2022 05:00:28 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master zrh-pixel-x30 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:3cb862ad-5bed-4300-ac8a-1fd20d146b14&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 7498
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 18 Jun 2022 05:00:29 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-3
server
Cowboy
usersync.aspx
dis.criteo.com/dis/ Frame 879A
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
274496
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
141
match.deepintent.com/usersync/ Frame 4086
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 2FEF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=675823621855
0
225 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=675823621855
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=675823621855
Pug
simage2.pubmatic.com/AdServer/ Frame 31E2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5tBk1kwx1O2qzr5&gdpr=0&gdpr_consent=
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5tBk1kwx1O2qzr5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sat, 18 Jun 2022 05:00:29 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5tBk1kwx1O2qzr5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-03a22fdbefd04bb5e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame 339A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
440 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
71d1762ebbf301eb-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 18 Jun 2022 05:00:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
71d1762d5b0901eb-ZRH
content-type
text/html
date
Sat, 18 Jun 2022 05:00:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
56
noop
px.owneriq.net/ Frame 2C44
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Document
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.45.32 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-45-32.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sat, 18 Jun 2022 05:00:29 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 18 Jun 2022 05:00:29 GMT
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Server
AkamaiGHost
usersync
match.bnmla.com/ Frame 434B
0
114 B
Document
General
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame C9CB
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7ed9a0fd-ebef-4282-878f-df286dbac497
1 B
72 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7ed9a0fd-ebef-4282-878f-df286dbac497
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=7ed9a0fd-ebef-4282-878f-df286dbac497
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 510D
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71d1762cfdca0221-ZRH
content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
cloudflare
Pug
simage2.pubmatic.com/AdServer/ Frame FF17
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d078bdd9-7494-4da0-9680-582879060e7f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d078bdd9-7494-4da0-9680-582879060e7f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=d078bdd9-7494-4da0-9680-582879060e7f&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID}
server
Kestrel
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 640A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2b02da0c-ac3e-4ea5-bf32-70f8c641a659-tuct9a6e16d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B
Document
General
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2b02da0c-ac3e-4ea5-bf32-70f8c641a659-tuct9a6e16d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lcy19248-LCY
x-timer
S1655528430.694174,VS0,VE8

Redirect headers

accept-ranges
bytes
content-length
0
date
Sat, 18 Jun 2022 05:00:29 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=2b02da0c-ac3e-4ea5-bf32-70f8c641a659-tuct9a6e16d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6951-MXP
x-timer
S1655528430.552519,VS0,VE24
x-vcl-time-ms
24
um
u-ams02.e-planning.net/ Frame C464
42 B
103 B
Document
General
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7e8db8008544cb3a&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sat, 18 Jun 2022 05:00:29 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D43C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=94623
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 19 Jun 2022 07:17:32 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame D43C
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cad062ad-5bed-4600-9a34-dc28e18bdc19
0
47 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cad062ad-5bed-4600-9a34-dc28e18bdc19
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cad062ad-5bed-4600-9a34-dc28e18bdc19
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 18 Jun 2022 05:00:28 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOCsErcc7ilZrLKa6HT4bIM&google_cver=1
42 B
376 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOCsErcc7ilZrLKa6HT4bIM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOCsErcc7ilZrLKa6HT4bIM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D43C
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 17 Jun 2022 05:00:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3699384941058415959&gdpr=0&gdpr_consent=&us_privacy=
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3699384941058415959&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3699384941058415959&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame D43C
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D43C
43 B
983 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/EB23AA9A-38DD-4D6D-A333-539FDFDFCF13?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:1396:457e:6f4c:9f77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AwBQ68ZE2uXZ8Aj8FgZeFmgU2okltEQ-~A&gdpr=0&gdpr_consent=
0
47 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AwBQ68ZE2uXZ8Aj8FgZeFmgU2okltEQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-AwBQ68ZE2uXZ8Aj8FgZeFmgU2okltEQ-~A&gdpr=0&gdpr_consent=
date
Sat, 18 Jun 2022 05:00:29 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9352bfff-eec3-11ec-8c0d-337669439089&gdpr=0&gdpr_consent=
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9352bfff-eec3-11ec-8c0d-337669439089&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 18:38:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9352bfff-eec3-11ec-8c0d-337669439089&gdpr=0&gdpr_consent=
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
9352c000-eec3-11ec-8c0d-337669439089
Pug
image2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8890989073348379753&gdpr=0&gdpr_consent=
42 B
316 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8890989073348379753&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
06949dcd-adb3-4520-8ab6-b81083631571
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8890989073348379753&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame D43C
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D43C
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c5992057-d116-475f-a56f-fd26a216474a&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ff903a9a-97d4-4f9e-b0cc-669591a9b4e2&expires=1&user_group=5&ssp=pubmatic&bsw_param=c5992057-d116-475f-a56f-fd26a216474a
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&gdpr_consent=&gdpr_pd=
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c5992057-d116-475f-a56f-fd26a216474a&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 18 Jun 2022 05:00:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F1A5DCA6_C629DF7&r=https://pmp.mxptint.net/sn.ashx?ak=1
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F1A5DCA6_C629DF7&r=https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F1A5DCA6_C629DF7&r=https://pmp.mxptint.net/sn.ashx?ak=1
Date
Sat, 18 Jun 2022 05:00:29 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
300
Strict-Transport-Security
max-age=-338515230; includeSubDomains
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5771192511099334769
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5771192511099334769
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5771192511099334769
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D43C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8890989073348379753
0
74 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8890989073348379753
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:30 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aaed2b93-76d4-4b5f-94f8-60728a8f2780
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8890989073348379753
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CA36
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 87D0
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fda904937d6614ea5e77748233c6694ad9387b66126b14b2a40aa0786e47d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10726
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame 87D0
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_65172291402423224&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F1fe50076-f152-4d1e-aca4-ac081f359156%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D40607c47b2326bb29212f7580ba25ac8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA73
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2919
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3rXZ4E97feHieNsrcKT6gL2LE-onZ_dct-dG39wc5EnmxTxmDQ2AoKAr7kT3RWAOIsAtKBlda8kBgKUoB-ifZ-cq3r28D9sdUf9ZWppoF71iYBHgEHipAAkbOY9GH3HhS88ZrQe1ABX2QB_JYZ_Yv9HksA&cry=1&dbm_d=AKAmf-D6w3ToBA6iAND6m4tOQNDlwlTbRd_Eqk4DfZh8Y5SWo1Lqxu7pT9lNRSkSmbrcSdAO_CizlrMfN2zlhhMT9CFTUkuEKy4LjJjPZX_ItbxzqhU-WmEYyatvkXvQcxLu1NM1XlI_Q6kPOYPfcSM2YZV7pBDLHA9NFZrWON4twTeab-Vi9eJyhDOLOBi3tH4tz0L3Clr7GtYH-BNPjs4b6foYp96eO9CGSlZyUsALsToaJkTJnY_bDQ9xteCYtGdlY1y8pm01iKfjVChyGnM64OS47y4REq7jQd3krsL0jTwRbVd2YLaHNb6azr55oer1DJhzX-DX59YT6gMJyz6mZlqd3sPepczT6xwh4QvIPsrKIZM52M8UCJ_SfYqXxxOP2nFBacQ1KPzN6Zcx6HB49C9X7EKth9jZnnp8m0X61BSnpHCLREmTiswgbXGxv-3HpwBiBqqm7CriPWJw1PD-teSweJpD-imbY5bLCTSm6KWhXkPXG83OcsosgsIZnho--F_1sVifEosAOOY7mnd4Q-OK9KdxLIMigcNGVcjOOVkS4TYJpwclVVY9Mh4A28ShBZlrSyPQoFHXg8DSVa6_Uw-QM9kfRtQlqdlkqUy0_EAYggCIwujJexVVg5kzY2_htp0dMkZ4rpOQ1CPsVbn_WE9D8gWT3xsnjL-NHHABmouI5cR9TI7ePBb9dJKOiOHbP6ufE8bzrI_xVz2CqeG6Vi-38BRKqKwK7wxNW32qhoCJYwgpXCT_sKFSboUqQRGX0HTZymaBg5dMzje4ecbNgyFKhGbBGOnqgf--nOf1lElEY2pklbALvG8yEm_eE5AuYtJUUCrGqfzS67bg5vHugazFEtKzUyEJUN53n9bok82Lbfsc9DmRpt9vS6HY-suNmeJdW5DY9Msdl_Mjn9Q7XvasPpTo5a-beF709cSHGKydoXUY7GNXeUzTWzQ-rHII0rFU3MjqbEWs0aAdTTgIbJfxG83PUigk42SJo6DFFjy1HIcNSWSy7oWbhuqaAEKWditSb9lw5N-AJnh-bDmNGnApePEXr0OI1iD_5bPiXTZVBGxUu12yl3kWcdkuD9YrXIAnFss5Qcux1GU7HoHqt5y4D2LueoxCxH8HQvwCTvz8hR20KaTarouKO2dmjmkaSAKouDfQf9SemfyVmwk0bTErgzBz6FIb-RsPzXrg4WxNRE2y5pC3hbVc3CG_O6maed2Yn7fQt36ZjUEoqK7D1FXgsYdilUnjFrDWlU8YaZcQ-e6f6885WQf9s228_P2tvgZY35u9I1wK9Y3GOLkAmxo4xQH3kPcyiQgihklSZsAw4ZfZq6DnIgEd_IE8I8lanPuNc2GTGipm5kvJ-nExUJlPpflkCfs7MQo3E_17CpjfjdoBbRMlCedY-58WSOZn2t0_YnNW_Z4tzp5JqtTVKp3wVfAUE5pMmOdatSX968eLczjVPcmpsuEP41Kxv9e_MRvOrpURkqLmrorDm9MmkXI8eh0RsFddmZ5owkZibNkR395pYb3LL8284iMRgH9yiHvlkyxR2upJO4fVBwYk2nVGFlJV8JyDTlREd88tAC-fFlnyrxKRA1sc1vsdixcOxX3PMoarQGKTeN_VL4RZHu6-iczo3eGrx3Ug3J2mcSpuT8t2bo8pY2-rD_IDVy-p00I-HE1rmx6I4qaxjHM3frZ0P0V7RAFjw2AWLfIoHmI4rfoIXLjGmi8VrB91PwnxQ8pVNEOKhQLOk7McnqZclir6BUsmmUQ1r9dBYXlwggyVo0EzGE2wtkzCAyxcEYXEpXRKJ_nasIAHPnToz2e-GSCWPvJ0HpdRWBl1dRUv3laZABT32MPZKJuQ3wHHwgRJuAK6Ifib0OcH1MizVfHcwNhnNV72m3hi2iGEWQenwEwZMipC-XM7GJDMFr91ZjfcXFF_JZUWqwowOlf0OLGrQfK8BerriU_I2urnN_1JKd-RiRTPKrOwpKJLdIjKWcgcGbIzy_4Syr2xaHRrEJEd4wQV0TIV5W-9giXsYKkmKt6_IecMdjjXVP27ysOo3uiUwv_S9LWvbWvQyMw5f5KnYJeYJZEzMurVOjCwE-deGKQqENEzLtzk1cGWpALdd9tLSZkRK0mCN7hCPbJULFpTPwyp5lcpjlt3Ei3CNHkYVJCDzdbL4vbf922w2ghz8IZQmHVhLDmfy5k3zyCcydeVE_ZWm0B3MiRIAexSzTfiyRicNeINv3ywUlRtNvAWxzlBe9aGjPXxO5miEcsvFm4Tz-DmxI-IK_4-OpugkPps8-qUTglJFiBDc8jRT_4jGYSv1v4O3WjBd-Y3Scc66kzu8jEetM1RlbKURRE8N_8g1puFhn2gy82MwbHndmzR1XEEkeVa5S6KIr79loARabR285OGIfVEt9hPgDSmOtSTSJXWs1iJc17248g7ykNnjuFCRCcdhSB0euecIW61PTOt3WOc3BWyFWG8GiofBST3o3oc8UTKqgaqjbPlc53C0ip0otWfB8QEMsP9h1LyhForGGAe1EQQxoi8Zsnc7yksW5jdcPJfcpfGCpKhqM3XjmCtHeWuMtxllDL3OsXeNjxvuoh2BVYJXuvHfRsDg_GYRNNviiBLnB88n9la2NoT68L4oumdAUKvf9D9Bnpf0TjLMjJy3FfLaedyuYB-YlwrvtBP3C2U1hFT9grBtJciOdI80LwGOQ0YR4cX4mZep-lhpUs9bdGKJlRvh72Zr3f0vhcKWggYVRvlV7WHZftSOGPHura17VXTCo2Oh-RFCSQLZt4qpbl8QESGayR3Ud8B4_ezgxCPDGgpuEHceS9iHiNFS76U7R05g0fEpjpxN1nQ3VQRzt8FbG7OCb2hiVGbhbg7_WIyPDdvHEaoG_Y36ZE9kmQzHsymjegZ_pJ5EhAO2ZN4TvPv5oluRIwtCO3HpekcSasmhAOqpSGhkjcu8PGI9HnyA8gHb_s8zyGqR25SRWCOyLEtzek0wP6d_0Dz50Yv24VKn34uUnxclqiRnxhpNC26Qk7KmhoTPqhBuB8v6L2a5sluLyWx5Ofe1qnEp0Eo1vyrg-WU5eth0rPVhql_ycv5zxMzduFQbO1hBDI7bmmILrw74KTWm6WHSwHg0r9Omd_0OdFpcoDp-ww8zB7llUf4HMbf2t_Y66g72t_t-a_jP-ILgKa4Sa6q5-zj4aSsPc0--Ko&cid=CAASEuRoMM1V4-13zEwU-UiO5PyYfQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d17374880c2515db062a5ecdc88c4fdab00fb1387d0286ecf79c2586b44ff759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/15604670061673021688/ Frame A8B4
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15604670061673021688/2076313506083323656
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cb2c41996cfb9e06eba6db293774f4245d45f82356e7827dc14ca7782781ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 00:09:41 GMT
x-content-type-options
nosniff
age
535848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38594
x-xss-protection
0
last-modified
Tue, 10 May 2022 10:11:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 12 Jun 2023 00:09:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6155713055928753886/ Frame A8B4
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6155713055928753886/downsize_200k_v1?w=100&h=100
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9512d278447b44b098b5fe881370420b8b041939444a591b5eafd1e6e071f5b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 21:32:22 GMT
x-content-type-options
nosniff
age
113287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1891
x-xss-protection
0
last-modified
Mon, 25 Jan 2021 09:37:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Jun 2023 21:32:22 GMT
truncated
/ Frame A8B4
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A8B4
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b7111762386df8ae32f24b77c4c06dff3a93ced7c881107844042a4d680c698

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8B4
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
332087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:42 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8B4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 16:39:45 GMT
x-content-type-options
nosniff
age
390044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 16:39:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A8B4
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
381154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 19:07:55 GMT
truncated
/ Frame 6A51
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8392aa4e41dd8b5e6379fd5350e7921f0a41b03ce25dae5e822b276e2a93be9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
ps.eyeota.net/ Frame 90AA
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 90AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 90AA
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5771192511099334769
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 00DF
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958788&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428434&bpp=2&bdt=246&idt=373&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6667918888907&frm=22&ife=1&pv=1&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.mwmmmrs0xcxp&fsb=1&xpc=cCne9E9rl4&p=https%3A//file.adpartner.pro&dtd=378
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 970B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
rum
dsum-sec.casalemedia.com/ Frame A599
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 05:00:29 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A599
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yq1b7CMSAqsT5-pQYqA69QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
43 B
781 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 18 Jun 2022 05:00:30 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKwMxb7qnCs3KLHrcwB3Q9w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A599
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENGhJVTMhIXo89p22y3R1J8&google_cver=1
43 B
1018 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENGhJVTMhIXo89p22y3R1J8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Protocol
HTTP/1.1
Server
37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9780b821-7030-4316-9bf4-449229d70772
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENGhJVTMhIXo89p22y3R1J8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A599
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg5MDk4OTA3MzM0ODM3OTc1Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg5MDk4OTA3MzM0ODM3OTc1Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGPqCwcoBMAE&v=APEucNUp-Dlo65vvxQFyTJ0FQgVBP6namWmw-Aql9V97CZMcQtWlbVp8VNTwTFJjP4SJuZZ-Vc3s8MzjFo6bz3CgJsLJe7T5_rJPzo6wYow0XYYjm-17h2qLf7X8snd6G0cQZGe2mDqI1PGTXp_yg79XPxlFPz6VK77T5xS77FwPuPfp7z15jeI
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
X-Proxy-Origin
217.138.196.99; 217.138.196.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
749e72e1-57b7-4a61-a33c-5763cef37297
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg5MDk4OTA3MzM0ODM3OTc1Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame BD0C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame D055
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGIMamDUPQpCSDEeq67PVXCW2gtlyvMQQgQr4tBqEGwkD020oYUH2BEwXc3D_pEmCgKyiiViCVWHV2h-N0ToY71L77Jc1yT0a1pNmzlSW6O_FR7CgaFfXz5QoOvN7OmV0lKY-UZ1lRhIPptfcJmzsEizWOcg&cry=1&dbm_d=AKAmf-DgiN3iJxOlKd1_qOpwikhiuKf9dHgx-uTzN7LA_ieV_tbwcsFXdit8obJ6HMgfDDc0-Ckp55wCjyUfdMXatal42IMyNze1Cg_LYpwMyrGJoaVe44kWSZYYyQv50zL74SM02jfcwBKOclKJwGk278oVbd0ZTjNB4ZjmXGVbz-ZEF_hmZrfUMXBEPhuXNyjqp9RrnAlVgNY3tL63PBGg7nLYB5mxYDyLVWNOteTNoU6HkXvsvWuwRh2XkJHLlVughMDTOYwq0sJpKPyQxXogloKLnwTl9qP5aZFxIzhpM7EAsbBq-gkvSLg3WJZa_kbxpE0qGz4a90WaXgjjxKxSTAkOD6gTh1NCN_ZNDEBXZAJFmpzyD5oTDYNsaABshxPJVpSQ_std8m59VHleWAAoDFC90T2F2Ollb2jWbKZpO0FhFlD9lOieLNzYfLxMuA3fLwFKU-UsmfjW3XaV8Frbi1RhlYf3r7tZVte1gcGLyOz4KD016dM0uKnD4cKJXbviTBdgfPqP8_tJzNLIihA5zY6YswxdvwwOvLgeWUbnlfcCbcVgp4x8sp8z9uQsn19BZFkIS0ynMD1nJpEphSOBlcJ7QKhTlaQrH9UJ7ceUNRL5AzY-64mx_Nc4TtmG5AAiVJQhWc_ArnPlB-jPVn_eqV12nWauSza6c3gSFEo40lNXJcjLYtVfCvCQpHUJAi3TK7Kk6obkagWIJ8qhtJWQLR8U6oEsFC3Lap_3vGfhN8N2zodHK8nZxvP-NAF201mZ3fCAmNaB9WjofdGwM6XXDhakqZFFWRfupMUn39Js3hG3hwMLdnI0LDmBjOt_fzHgSIjPaBPIujM3AMS_fYdYCeoVuvNN-b84IouyksDwRX0wqJy7XwZHbA6zwCXl8e1-mCgS4XbYD8wVWpoJ4P8zfRsangH1ei-w7nBvIH9d1gOEEJwRLJen9pGVNcBxDPq6y_UJ2D7wVl9IHFqpQyMY28Q4lH0TkK9gPCpim4kmlLh9LAUrPxMBiHMjUSgJ1HKcODF2cE0vm3GqJvwYwFHz-Ck8ymQFlIB6EuhBEkT3T1aPLe7JhWzW8J7JeriH78HKUO0P7YTET0pGWUliW0_fs4VmYc0IOvGpfFZkERdbyzKEX4LcBYmuiBQbUdI5MPJy3V45KjG8WInMZAHd95TcBNg8VVPbwZMNwAlFCs5LVgAh3oFNpfA42I8Lpf4Ttl_qsHyBpTlujwYareQ80MA1sWxz5dKzaDJGUJwR3-yHXadfZP9StFvZGAqLr1uBrnsb6_-hNNOB2Wt5HiYkegyItQecKZkFZRUGKbhwKWaBxxKB75xKw1iomLKSjcFkVwQZuPuQd96CkQIn6TrGiF3nMp1hNi_z8G6dQcPnHF2cEWBuAS2RtTebJICAof0wN1ZvdAyEQ2mSzOjdJActpVlqI50G5rdUrxkRPj7poCp4b-4DOwAceDanVbDMonorQ2H1csFXCNfmpDa1iHyxiCKOQqut3ABfdhjsiC1Yfit_vh5_QwNSkQvoYJfUlB-eGRJCIzRa1TbRL8ttnZdYFt76arZl8jmr64WXp8E9VpP3LUQLTHsKa7JmSVMzzScZwEhfinuF0i3kNxjpGWlYCDcpPAotA8rSk0rDWWxMir6gV2OebBPJyJu8n38TsDOFgngwo2QJalaHsjvkEa-zFCvTi1cKjWls3XcLyT5_e2kBZDRwUbhmJMFyei1_FDAuulQEmshdN2owkKwwNYS5ACRKlO-gWUNGxOlq-AgLXcmcoqfCgf6kPmtxTdCykxNXQBXJZ4T0hhjsQ_G-TUKEJWADJMbrIWrYJOjXLoFtVAVFiXjLMF3r5zREPG8SJSZisiRKIA2IOrKcnP6wALEk_oJ7oiQr90SZIdeo6BPuejyggvHkpDobH91bjYxU-L-KMxCUKvcJ9YTgMYe3DH_R5HKpbDnwEAL6sLUi7IqZvXDU62SsIe6n18cngUTvW4udvzvNYiVkOFm8Mp4EL6CTVk5qa2V72cZNu9uId5z5jra4f3aM-Bib6r76FfNVO95TEbpTFZQTsJah4jhxkHd5CAjUhAh284l1xss6lKC9fPlhjFOck1NA7kjoXvzzSrfZm-fuzxFxPGaMwEP1Tviyd66HO4vPZMj5dTTQxX4s0rs06C4BLJqGjTdK54AiC0NtbYBdQI60VbMZO0_xWK12punYo_F3qX8wq0byoHb63jlucoiKn92AHWt7hFgnlYxGKVYBn9IcvxOjZzoBO3UMSCaKFxiO-KEMpFxK-ciz-YQ5vs3-2QDH4GbGRKqHuSpd5lNGD0sVlLIXZdYkoEGP8ZthrCcfApSEOZVcyG_DSHX_5cyPEeGb5vIl-19E3P5z28S8m7D5gS6s5VrXSppOou5wfT_bEQ5Swxk_H95lnga3xicdvi44Ym6dpbbPxcsPdsxDtZhuvZevGsnsW5KPSy8QqsKl7r16zDOvik-XQc0PaTNwo-SB2EKaLft_--M6PizDCJzgPLlgz-0TdRhU9xmZoURFYUIWLqeoZjfSHmN0xcdPYvG4XdTY2oQa7o7HV02FlDtuP7-97UTt-b5aY5H2H_dCEfURvWQzzkv6h-OHo-JmMXSEXF36mNrB6t8JS2dhR4io2pPvo_O04tDVjqiu_Nl-YTWiHsD2-pay8uKo-jKwXA9ebvQWmxtcAcRIIGXr4gClrRrXxGA5n9o8ALR985m226wFtyi_P8fTeUepN9JE5pyFWwSPr6B-ugqd0aNqET3exH_VNReqOe73jTH6zrIcYkzbFYrmb7hY3nUXDLIh6CxCTOuDxGk6nJUx9Q-PTkkPQLui7xoBNxC8XpK2UJ6D7dCW1KpMABVcN6t8hsXuE8gd6BwhnN6lLyodG0DAufpsM46rnHy-n70J65UtMpPN9d9gEXgugElmGLZP2t7qY0aa3DpHvwRinVnuKmHRbK6Cif8F7kAU5cuLicbVgyS-ykXk57MuggL8Rn35sxb7fzzxYHo4HLBOb_bP5TeAzBROvWYvYbby1-wtSJccFLox-uw91oH70ope5eeqs3JXvkb-pBsTbi17FTWpysSLYX4SonbEfUobF4c5oOFAI0IRyRBAXw8NIEbZf-VjCQnK5EYIMu_Z66oOcic6Zaozl38v5dwk3VDTULx-m-FTczk5IwCwH0Xd4EJI8Ausj5sItI0281M&cid=CAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:54:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D055
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGIMamDUPQpCSDEeq67PVXCW2gtlyvMQQgQr4tBqEGwkD020oYUH2BEwXc3D_pEmCgKyiiViCVWHV2h-N0ToY71L77Jc1yT0a1pNmzlSW6O_FR7CgaFfXz5QoOvN7OmV0lKY-UZ1lRhIPptfcJmzsEizWOcg&cry=1&dbm_d=AKAmf-DgiN3iJxOlKd1_qOpwikhiuKf9dHgx-uTzN7LA_ieV_tbwcsFXdit8obJ6HMgfDDc0-Ckp55wCjyUfdMXatal42IMyNze1Cg_LYpwMyrGJoaVe44kWSZYYyQv50zL74SM02jfcwBKOclKJwGk278oVbd0ZTjNB4ZjmXGVbz-ZEF_hmZrfUMXBEPhuXNyjqp9RrnAlVgNY3tL63PBGg7nLYB5mxYDyLVWNOteTNoU6HkXvsvWuwRh2XkJHLlVughMDTOYwq0sJpKPyQxXogloKLnwTl9qP5aZFxIzhpM7EAsbBq-gkvSLg3WJZa_kbxpE0qGz4a90WaXgjjxKxSTAkOD6gTh1NCN_ZNDEBXZAJFmpzyD5oTDYNsaABshxPJVpSQ_std8m59VHleWAAoDFC90T2F2Ollb2jWbKZpO0FhFlD9lOieLNzYfLxMuA3fLwFKU-UsmfjW3XaV8Frbi1RhlYf3r7tZVte1gcGLyOz4KD016dM0uKnD4cKJXbviTBdgfPqP8_tJzNLIihA5zY6YswxdvwwOvLgeWUbnlfcCbcVgp4x8sp8z9uQsn19BZFkIS0ynMD1nJpEphSOBlcJ7QKhTlaQrH9UJ7ceUNRL5AzY-64mx_Nc4TtmG5AAiVJQhWc_ArnPlB-jPVn_eqV12nWauSza6c3gSFEo40lNXJcjLYtVfCvCQpHUJAi3TK7Kk6obkagWIJ8qhtJWQLR8U6oEsFC3Lap_3vGfhN8N2zodHK8nZxvP-NAF201mZ3fCAmNaB9WjofdGwM6XXDhakqZFFWRfupMUn39Js3hG3hwMLdnI0LDmBjOt_fzHgSIjPaBPIujM3AMS_fYdYCeoVuvNN-b84IouyksDwRX0wqJy7XwZHbA6zwCXl8e1-mCgS4XbYD8wVWpoJ4P8zfRsangH1ei-w7nBvIH9d1gOEEJwRLJen9pGVNcBxDPq6y_UJ2D7wVl9IHFqpQyMY28Q4lH0TkK9gPCpim4kmlLh9LAUrPxMBiHMjUSgJ1HKcODF2cE0vm3GqJvwYwFHz-Ck8ymQFlIB6EuhBEkT3T1aPLe7JhWzW8J7JeriH78HKUO0P7YTET0pGWUliW0_fs4VmYc0IOvGpfFZkERdbyzKEX4LcBYmuiBQbUdI5MPJy3V45KjG8WInMZAHd95TcBNg8VVPbwZMNwAlFCs5LVgAh3oFNpfA42I8Lpf4Ttl_qsHyBpTlujwYareQ80MA1sWxz5dKzaDJGUJwR3-yHXadfZP9StFvZGAqLr1uBrnsb6_-hNNOB2Wt5HiYkegyItQecKZkFZRUGKbhwKWaBxxKB75xKw1iomLKSjcFkVwQZuPuQd96CkQIn6TrGiF3nMp1hNi_z8G6dQcPnHF2cEWBuAS2RtTebJICAof0wN1ZvdAyEQ2mSzOjdJActpVlqI50G5rdUrxkRPj7poCp4b-4DOwAceDanVbDMonorQ2H1csFXCNfmpDa1iHyxiCKOQqut3ABfdhjsiC1Yfit_vh5_QwNSkQvoYJfUlB-eGRJCIzRa1TbRL8ttnZdYFt76arZl8jmr64WXp8E9VpP3LUQLTHsKa7JmSVMzzScZwEhfinuF0i3kNxjpGWlYCDcpPAotA8rSk0rDWWxMir6gV2OebBPJyJu8n38TsDOFgngwo2QJalaHsjvkEa-zFCvTi1cKjWls3XcLyT5_e2kBZDRwUbhmJMFyei1_FDAuulQEmshdN2owkKwwNYS5ACRKlO-gWUNGxOlq-AgLXcmcoqfCgf6kPmtxTdCykxNXQBXJZ4T0hhjsQ_G-TUKEJWADJMbrIWrYJOjXLoFtVAVFiXjLMF3r5zREPG8SJSZisiRKIA2IOrKcnP6wALEk_oJ7oiQr90SZIdeo6BPuejyggvHkpDobH91bjYxU-L-KMxCUKvcJ9YTgMYe3DH_R5HKpbDnwEAL6sLUi7IqZvXDU62SsIe6n18cngUTvW4udvzvNYiVkOFm8Mp4EL6CTVk5qa2V72cZNu9uId5z5jra4f3aM-Bib6r76FfNVO95TEbpTFZQTsJah4jhxkHd5CAjUhAh284l1xss6lKC9fPlhjFOck1NA7kjoXvzzSrfZm-fuzxFxPGaMwEP1Tviyd66HO4vPZMj5dTTQxX4s0rs06C4BLJqGjTdK54AiC0NtbYBdQI60VbMZO0_xWK12punYo_F3qX8wq0byoHb63jlucoiKn92AHWt7hFgnlYxGKVYBn9IcvxOjZzoBO3UMSCaKFxiO-KEMpFxK-ciz-YQ5vs3-2QDH4GbGRKqHuSpd5lNGD0sVlLIXZdYkoEGP8ZthrCcfApSEOZVcyG_DSHX_5cyPEeGb5vIl-19E3P5z28S8m7D5gS6s5VrXSppOou5wfT_bEQ5Swxk_H95lnga3xicdvi44Ym6dpbbPxcsPdsxDtZhuvZevGsnsW5KPSy8QqsKl7r16zDOvik-XQc0PaTNwo-SB2EKaLft_--M6PizDCJzgPLlgz-0TdRhU9xmZoURFYUIWLqeoZjfSHmN0xcdPYvG4XdTY2oQa7o7HV02FlDtuP7-97UTt-b5aY5H2H_dCEfURvWQzzkv6h-OHo-JmMXSEXF36mNrB6t8JS2dhR4io2pPvo_O04tDVjqiu_Nl-YTWiHsD2-pay8uKo-jKwXA9ebvQWmxtcAcRIIGXr4gClrRrXxGA5n9o8ALR985m226wFtyi_P8fTeUepN9JE5pyFWwSPr6B-ugqd0aNqET3exH_VNReqOe73jTH6zrIcYkzbFYrmb7hY3nUXDLIh6CxCTOuDxGk6nJUx9Q-PTkkPQLui7xoBNxC8XpK2UJ6D7dCW1KpMABVcN6t8hsXuE8gd6BwhnN6lLyodG0DAufpsM46rnHy-n70J65UtMpPN9d9gEXgugElmGLZP2t7qY0aa3DpHvwRinVnuKmHRbK6Cif8F7kAU5cuLicbVgyS-ykXk57MuggL8Rn35sxb7fzzxYHo4HLBOb_bP5TeAzBROvWYvYbby1-wtSJccFLox-uw91oH70ope5eeqs3JXvkb-pBsTbi17FTWpysSLYX4SonbEfUobF4c5oOFAI0IRyRBAXw8NIEbZf-VjCQnK5EYIMu_Z66oOcic6Zaozl38v5dwk3VDTULx-m-FTczk5IwCwH0Xd4EJI8Ausj5sItI0281M&cid=CAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ Frame F82E
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
6897824556669791418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 05:00:29 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 40E9
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3874
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 87D0
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A73C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 16EC
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
99eb6feb78c4ee3e06191b8f3c7e6ae11f64259d2c13cc5278b6ff011e81e6e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--guoCYqR-eSVDCoTRJr8ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce--guoCYqR-eSVDCoTRJr8ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 3DAC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f9ad127c49eeaf97da6e47928b0f38fdb897cf9531abb9acc167e4406c0fb8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame EA73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECNWFSoTcTOcpzxzTTqyJW0&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECNWFSoTcTOcpzxzTTqyJW0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECNWFSoTcTOcpzxzTTqyJW0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame EA73
43 B
306 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame EA73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFNFjYUZYVwSshKJDJ8_GzQ&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFNFjYUZYVwSshKJDJ8_GzQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 18 Jun 2022 05:00:30 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFNFjYUZYVwSshKJDJ8_GzQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame EA73
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGO2GwcoBMAE&v=APEucNVpIwIV9irijv30r6DzmOi1UFIUqpxLnY4sWk0GIqii8buK92gLg-LYXADDDrWs6fo2kYTH10aC8lFN1Gvf2wA8Wmoa5eifH35qxCftFy6oP4jZ3jb-HyICkte9X8M_LgQwyizFz4uyxDNSzuJmgPhFS0fv42pnH7ZiSyC0Iwx0hzDapVw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 18 Jun 2022 05:00:30 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3DAC
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
332087
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:42 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3DAC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 16:39:45 GMT
x-content-type-options
nosniff
age
390044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 16:39:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 2919
27 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3rXZ4E97feHieNsrcKT6gL2LE-onZ_dct-dG39wc5EnmxTxmDQ2AoKAr7kT3RWAOIsAtKBlda8kBgKUoB-ifZ-cq3r28D9sdUf9ZWppoF71iYBHgEHipAAkbOY9GH3HhS88ZrQe1ABX2QB_JYZ_Yv9HksA&cry=1&dbm_d=AKAmf-D6w3ToBA6iAND6m4tOQNDlwlTbRd_Eqk4DfZh8Y5SWo1Lqxu7pT9lNRSkSmbrcSdAO_CizlrMfN2zlhhMT9CFTUkuEKy4LjJjPZX_ItbxzqhU-WmEYyatvkXvQcxLu1NM1XlI_Q6kPOYPfcSM2YZV7pBDLHA9NFZrWON4twTeab-Vi9eJyhDOLOBi3tH4tz0L3Clr7GtYH-BNPjs4b6foYp96eO9CGSlZyUsALsToaJkTJnY_bDQ9xteCYtGdlY1y8pm01iKfjVChyGnM64OS47y4REq7jQd3krsL0jTwRbVd2YLaHNb6azr55oer1DJhzX-DX59YT6gMJyz6mZlqd3sPepczT6xwh4QvIPsrKIZM52M8UCJ_SfYqXxxOP2nFBacQ1KPzN6Zcx6HB49C9X7EKth9jZnnp8m0X61BSnpHCLREmTiswgbXGxv-3HpwBiBqqm7CriPWJw1PD-teSweJpD-imbY5bLCTSm6KWhXkPXG83OcsosgsIZnho--F_1sVifEosAOOY7mnd4Q-OK9KdxLIMigcNGVcjOOVkS4TYJpwclVVY9Mh4A28ShBZlrSyPQoFHXg8DSVa6_Uw-QM9kfRtQlqdlkqUy0_EAYggCIwujJexVVg5kzY2_htp0dMkZ4rpOQ1CPsVbn_WE9D8gWT3xsnjL-NHHABmouI5cR9TI7ePBb9dJKOiOHbP6ufE8bzrI_xVz2CqeG6Vi-38BRKqKwK7wxNW32qhoCJYwgpXCT_sKFSboUqQRGX0HTZymaBg5dMzje4ecbNgyFKhGbBGOnqgf--nOf1lElEY2pklbALvG8yEm_eE5AuYtJUUCrGqfzS67bg5vHugazFEtKzUyEJUN53n9bok82Lbfsc9DmRpt9vS6HY-suNmeJdW5DY9Msdl_Mjn9Q7XvasPpTo5a-beF709cSHGKydoXUY7GNXeUzTWzQ-rHII0rFU3MjqbEWs0aAdTTgIbJfxG83PUigk42SJo6DFFjy1HIcNSWSy7oWbhuqaAEKWditSb9lw5N-AJnh-bDmNGnApePEXr0OI1iD_5bPiXTZVBGxUu12yl3kWcdkuD9YrXIAnFss5Qcux1GU7HoHqt5y4D2LueoxCxH8HQvwCTvz8hR20KaTarouKO2dmjmkaSAKouDfQf9SemfyVmwk0bTErgzBz6FIb-RsPzXrg4WxNRE2y5pC3hbVc3CG_O6maed2Yn7fQt36ZjUEoqK7D1FXgsYdilUnjFrDWlU8YaZcQ-e6f6885WQf9s228_P2tvgZY35u9I1wK9Y3GOLkAmxo4xQH3kPcyiQgihklSZsAw4ZfZq6DnIgEd_IE8I8lanPuNc2GTGipm5kvJ-nExUJlPpflkCfs7MQo3E_17CpjfjdoBbRMlCedY-58WSOZn2t0_YnNW_Z4tzp5JqtTVKp3wVfAUE5pMmOdatSX968eLczjVPcmpsuEP41Kxv9e_MRvOrpURkqLmrorDm9MmkXI8eh0RsFddmZ5owkZibNkR395pYb3LL8284iMRgH9yiHvlkyxR2upJO4fVBwYk2nVGFlJV8JyDTlREd88tAC-fFlnyrxKRA1sc1vsdixcOxX3PMoarQGKTeN_VL4RZHu6-iczo3eGrx3Ug3J2mcSpuT8t2bo8pY2-rD_IDVy-p00I-HE1rmx6I4qaxjHM3frZ0P0V7RAFjw2AWLfIoHmI4rfoIXLjGmi8VrB91PwnxQ8pVNEOKhQLOk7McnqZclir6BUsmmUQ1r9dBYXlwggyVo0EzGE2wtkzCAyxcEYXEpXRKJ_nasIAHPnToz2e-GSCWPvJ0HpdRWBl1dRUv3laZABT32MPZKJuQ3wHHwgRJuAK6Ifib0OcH1MizVfHcwNhnNV72m3hi2iGEWQenwEwZMipC-XM7GJDMFr91ZjfcXFF_JZUWqwowOlf0OLGrQfK8BerriU_I2urnN_1JKd-RiRTPKrOwpKJLdIjKWcgcGbIzy_4Syr2xaHRrEJEd4wQV0TIV5W-9giXsYKkmKt6_IecMdjjXVP27ysOo3uiUwv_S9LWvbWvQyMw5f5KnYJeYJZEzMurVOjCwE-deGKQqENEzLtzk1cGWpALdd9tLSZkRK0mCN7hCPbJULFpTPwyp5lcpjlt3Ei3CNHkYVJCDzdbL4vbf922w2ghz8IZQmHVhLDmfy5k3zyCcydeVE_ZWm0B3MiRIAexSzTfiyRicNeINv3ywUlRtNvAWxzlBe9aGjPXxO5miEcsvFm4Tz-DmxI-IK_4-OpugkPps8-qUTglJFiBDc8jRT_4jGYSv1v4O3WjBd-Y3Scc66kzu8jEetM1RlbKURRE8N_8g1puFhn2gy82MwbHndmzR1XEEkeVa5S6KIr79loARabR285OGIfVEt9hPgDSmOtSTSJXWs1iJc17248g7ykNnjuFCRCcdhSB0euecIW61PTOt3WOc3BWyFWG8GiofBST3o3oc8UTKqgaqjbPlc53C0ip0otWfB8QEMsP9h1LyhForGGAe1EQQxoi8Zsnc7yksW5jdcPJfcpfGCpKhqM3XjmCtHeWuMtxllDL3OsXeNjxvuoh2BVYJXuvHfRsDg_GYRNNviiBLnB88n9la2NoT68L4oumdAUKvf9D9Bnpf0TjLMjJy3FfLaedyuYB-YlwrvtBP3C2U1hFT9grBtJciOdI80LwGOQ0YR4cX4mZep-lhpUs9bdGKJlRvh72Zr3f0vhcKWggYVRvlV7WHZftSOGPHura17VXTCo2Oh-RFCSQLZt4qpbl8QESGayR3Ud8B4_ezgxCPDGgpuEHceS9iHiNFS76U7R05g0fEpjpxN1nQ3VQRzt8FbG7OCb2hiVGbhbg7_WIyPDdvHEaoG_Y36ZE9kmQzHsymjegZ_pJ5EhAO2ZN4TvPv5oluRIwtCO3HpekcSasmhAOqpSGhkjcu8PGI9HnyA8gHb_s8zyGqR25SRWCOyLEtzek0wP6d_0Dz50Yv24VKn34uUnxclqiRnxhpNC26Qk7KmhoTPqhBuB8v6L2a5sluLyWx5Ofe1qnEp0Eo1vyrg-WU5eth0rPVhql_ycv5zxMzduFQbO1hBDI7bmmILrw74KTWm6WHSwHg0r9Omd_0OdFpcoDp-ww8zB7llUf4HMbf2t_Y66g72t_t-a_jP-ILgKa4Sa6q5-zj4aSsPc0--Ko&cid=CAASEuRoMM1V4-13zEwU-UiO5PyYfQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:54:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2919
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI3rXZ4E97feHieNsrcKT6gL2LE-onZ_dct-dG39wc5EnmxTxmDQ2AoKAr7kT3RWAOIsAtKBlda8kBgKUoB-ifZ-cq3r28D9sdUf9ZWppoF71iYBHgEHipAAkbOY9GH3HhS88ZrQe1ABX2QB_JYZ_Yv9HksA&cry=1&dbm_d=AKAmf-D6w3ToBA6iAND6m4tOQNDlwlTbRd_Eqk4DfZh8Y5SWo1Lqxu7pT9lNRSkSmbrcSdAO_CizlrMfN2zlhhMT9CFTUkuEKy4LjJjPZX_ItbxzqhU-WmEYyatvkXvQcxLu1NM1XlI_Q6kPOYPfcSM2YZV7pBDLHA9NFZrWON4twTeab-Vi9eJyhDOLOBi3tH4tz0L3Clr7GtYH-BNPjs4b6foYp96eO9CGSlZyUsALsToaJkTJnY_bDQ9xteCYtGdlY1y8pm01iKfjVChyGnM64OS47y4REq7jQd3krsL0jTwRbVd2YLaHNb6azr55oer1DJhzX-DX59YT6gMJyz6mZlqd3sPepczT6xwh4QvIPsrKIZM52M8UCJ_SfYqXxxOP2nFBacQ1KPzN6Zcx6HB49C9X7EKth9jZnnp8m0X61BSnpHCLREmTiswgbXGxv-3HpwBiBqqm7CriPWJw1PD-teSweJpD-imbY5bLCTSm6KWhXkPXG83OcsosgsIZnho--F_1sVifEosAOOY7mnd4Q-OK9KdxLIMigcNGVcjOOVkS4TYJpwclVVY9Mh4A28ShBZlrSyPQoFHXg8DSVa6_Uw-QM9kfRtQlqdlkqUy0_EAYggCIwujJexVVg5kzY2_htp0dMkZ4rpOQ1CPsVbn_WE9D8gWT3xsnjL-NHHABmouI5cR9TI7ePBb9dJKOiOHbP6ufE8bzrI_xVz2CqeG6Vi-38BRKqKwK7wxNW32qhoCJYwgpXCT_sKFSboUqQRGX0HTZymaBg5dMzje4ecbNgyFKhGbBGOnqgf--nOf1lElEY2pklbALvG8yEm_eE5AuYtJUUCrGqfzS67bg5vHugazFEtKzUyEJUN53n9bok82Lbfsc9DmRpt9vS6HY-suNmeJdW5DY9Msdl_Mjn9Q7XvasPpTo5a-beF709cSHGKydoXUY7GNXeUzTWzQ-rHII0rFU3MjqbEWs0aAdTTgIbJfxG83PUigk42SJo6DFFjy1HIcNSWSy7oWbhuqaAEKWditSb9lw5N-AJnh-bDmNGnApePEXr0OI1iD_5bPiXTZVBGxUu12yl3kWcdkuD9YrXIAnFss5Qcux1GU7HoHqt5y4D2LueoxCxH8HQvwCTvz8hR20KaTarouKO2dmjmkaSAKouDfQf9SemfyVmwk0bTErgzBz6FIb-RsPzXrg4WxNRE2y5pC3hbVc3CG_O6maed2Yn7fQt36ZjUEoqK7D1FXgsYdilUnjFrDWlU8YaZcQ-e6f6885WQf9s228_P2tvgZY35u9I1wK9Y3GOLkAmxo4xQH3kPcyiQgihklSZsAw4ZfZq6DnIgEd_IE8I8lanPuNc2GTGipm5kvJ-nExUJlPpflkCfs7MQo3E_17CpjfjdoBbRMlCedY-58WSOZn2t0_YnNW_Z4tzp5JqtTVKp3wVfAUE5pMmOdatSX968eLczjVPcmpsuEP41Kxv9e_MRvOrpURkqLmrorDm9MmkXI8eh0RsFddmZ5owkZibNkR395pYb3LL8284iMRgH9yiHvlkyxR2upJO4fVBwYk2nVGFlJV8JyDTlREd88tAC-fFlnyrxKRA1sc1vsdixcOxX3PMoarQGKTeN_VL4RZHu6-iczo3eGrx3Ug3J2mcSpuT8t2bo8pY2-rD_IDVy-p00I-HE1rmx6I4qaxjHM3frZ0P0V7RAFjw2AWLfIoHmI4rfoIXLjGmi8VrB91PwnxQ8pVNEOKhQLOk7McnqZclir6BUsmmUQ1r9dBYXlwggyVo0EzGE2wtkzCAyxcEYXEpXRKJ_nasIAHPnToz2e-GSCWPvJ0HpdRWBl1dRUv3laZABT32MPZKJuQ3wHHwgRJuAK6Ifib0OcH1MizVfHcwNhnNV72m3hi2iGEWQenwEwZMipC-XM7GJDMFr91ZjfcXFF_JZUWqwowOlf0OLGrQfK8BerriU_I2urnN_1JKd-RiRTPKrOwpKJLdIjKWcgcGbIzy_4Syr2xaHRrEJEd4wQV0TIV5W-9giXsYKkmKt6_IecMdjjXVP27ysOo3uiUwv_S9LWvbWvQyMw5f5KnYJeYJZEzMurVOjCwE-deGKQqENEzLtzk1cGWpALdd9tLSZkRK0mCN7hCPbJULFpTPwyp5lcpjlt3Ei3CNHkYVJCDzdbL4vbf922w2ghz8IZQmHVhLDmfy5k3zyCcydeVE_ZWm0B3MiRIAexSzTfiyRicNeINv3ywUlRtNvAWxzlBe9aGjPXxO5miEcsvFm4Tz-DmxI-IK_4-OpugkPps8-qUTglJFiBDc8jRT_4jGYSv1v4O3WjBd-Y3Scc66kzu8jEetM1RlbKURRE8N_8g1puFhn2gy82MwbHndmzR1XEEkeVa5S6KIr79loARabR285OGIfVEt9hPgDSmOtSTSJXWs1iJc17248g7ykNnjuFCRCcdhSB0euecIW61PTOt3WOc3BWyFWG8GiofBST3o3oc8UTKqgaqjbPlc53C0ip0otWfB8QEMsP9h1LyhForGGAe1EQQxoi8Zsnc7yksW5jdcPJfcpfGCpKhqM3XjmCtHeWuMtxllDL3OsXeNjxvuoh2BVYJXuvHfRsDg_GYRNNviiBLnB88n9la2NoT68L4oumdAUKvf9D9Bnpf0TjLMjJy3FfLaedyuYB-YlwrvtBP3C2U1hFT9grBtJciOdI80LwGOQ0YR4cX4mZep-lhpUs9bdGKJlRvh72Zr3f0vhcKWggYVRvlV7WHZftSOGPHura17VXTCo2Oh-RFCSQLZt4qpbl8QESGayR3Ud8B4_ezgxCPDGgpuEHceS9iHiNFS76U7R05g0fEpjpxN1nQ3VQRzt8FbG7OCb2hiVGbhbg7_WIyPDdvHEaoG_Y36ZE9kmQzHsymjegZ_pJ5EhAO2ZN4TvPv5oluRIwtCO3HpekcSasmhAOqpSGhkjcu8PGI9HnyA8gHb_s8zyGqR25SRWCOyLEtzek0wP6d_0Dz50Yv24VKn34uUnxclqiRnxhpNC26Qk7KmhoTPqhBuB8v6L2a5sluLyWx5Ofe1qnEp0Eo1vyrg-WU5eth0rPVhql_ycv5zxMzduFQbO1hBDI7bmmILrw74KTWm6WHSwHg0r9Omd_0OdFpcoDp-ww8zB7llUf4HMbf2t_Y66g72t_t-a_jP-ILgKa4Sa6q5-zj4aSsPc0--Ko&cid=CAASEuRoMM1V4-13zEwU-UiO5PyYfQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55719
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 13:31:50 GMT
pixel
cm.g.doubleclick.net/ Frame CA36
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCp...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCpK-PeLWwYOhPrDLCk7HDHcz_bEf6qwWj6RozmisXWLpQQ&google_hm=cWB3Gezbld...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCpK-PeLWwYOhPrDLCk7HDHcz_bEf6qwWj6RozmisXWLpQQ&google_hm=cWB3GezbldNgejps3toxHw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBVvcCVl7t6_ykDsgvWGeoTajIaMjrJJsw0_VI5UWbjpb1qOjuYCpK-PeLWwYOhPrDLCk7HDHcz_bEf6qwWj6RozmisXWLpQQ&google_hm=cWB3GezbldNgejps3toxHw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA36
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GC9wZBHQ9f5DjHrLosddUkb6CivAlRYMMlaspgoRarUUKWmJal-mRwSp4F9tq2ocUlpfV_6IA9jZ3JiSdItAcDHwrVCJ5-NNQ&google_gid=CAESEEC7a-WO7SzFdDt440aUdks&g...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO23tZUGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUm5wOEdDOXdaQkhROWY1RGpIckxvc2RkVWtiNkNpdkFsUllNTWxhc3Bnb1JhclVVS1dtSmFsLW1Sd1NwNEY5dHEyb2NVbHBmVl82SUE5alozSmlTZE...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwakNNb1oxRlV0RUkyaE53dEhMUmh5LTYxQWRNaTFzdkVJSVFnZkcweEVVQQ==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwakNNb1oxRlV0RUkyaE53dEhMUmh5LTYxQWRNaTFzdkVJSVFnZkcweEVVQQ==&google_push
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 18 Jun 2022 05:00:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwakNNb1oxRlV0RUkyaE53dEhMUmh5LTYxQWRNaTFzdkVJSVFnZkcweEVVQQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
odr.mookie1.com/t/v2/ Frame CA36
43 B
61 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELItBDqQgQ3uFdmsO9LQd8Q&google_push=ARnp8GApa59SYPvMemqg9X95DF7VpcTX_sEQ0oo2SD7fCOVfRcL9ijq6wqx8XN9vpKlwkDXdrI_FWiYOPXEZZ4dt1K7ynJmSXuFimQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame CA36
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDv3JtesT1ZKkDPtgwFIg84&google_cver=1&google_push=ARnp8GDIiEyHvb_w4ZcLpfh_0ZZ5BIQ0FO2eBLLlM0gwciTmWwxSYh1_TIUp6J8ISnokTvjfsuLfCPoIRgMP-ZlmAqT3wSaC5NCoWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
b7nv3el8vinkqg4150nhjgcrp9r3ku71
pixel
cm.g.doubleclick.net/ Frame CA36
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDdHIABHzEqFvXgg33_k-310kt616xzHbmi_Ao4PATjpLPdwTtd-IGG86s6z0vIAGzfaUgpgb5jInJl2eWj55tCy1EJkG_Faw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDdHIABHzEqFvXgg33_k-310kt616xzHbmi_Ao4PATjpLPdwTtd-IGG86s6z0vIAGzfaUgpgb5jInJl2eWj55tCy1EJkG_Faw
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CA36
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8G...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZSVlktNy1NNE5P&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8Gd8qslxJcvDVy7PK9uLXvNHqTc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZSVlktNy1NNE5P&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8Gd8qslxJcvDVy7PK9uLXvNHqTc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZSVlktNy1NNE5P&google_push=ARnp8GB2QFwfSIfDPQz_rXulkIek64l2JHtMLcgIugyhRLaCpWtzEY-MxEBygfE_vUG0ltnEG8Gd8qslxJcvDVy7PK9uLXvNHqTc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame CA36
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_push=ARnp8GCVOWbgx3e1qUdPJBPPhWIwWmWvIXnGDwBf04XmYWoE5ZkQSZQ6nhG6Uzfs3fjdRceE0z2a5YHrNyQbIWCdTA...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_push=ARnp8GCVOWbgx3e1qUdPJBPPhWIwWmWvIXnGDwBf04XmYWoE5ZkQSZQ6nhG6Uzfs3fjdRceE0z2a5YHrNyQbIWCdTAJIcKmbixFk&google_cver=1&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_push=ARnp8GCVOWbgx3e1qUdPJBPPhWIwWmWvIXnGDwBf04XmYWoE5ZkQSZQ6nhG6Uzfs3fjdRceE0z2a5YHrNyQbIWCdTAJIcKmbixFk&google_cver=1&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sat, 18 Jun 2022 05:00:29 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CA36
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1aDBYaIZNF76PCSoxvC0ifEWE6DIBF6JrDugzBnfP9OmvhqImutJbR46Uv0XHg_0OXIza
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dcmads.js
www.googletagservices.com/dcm/ Frame D055
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145646/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_t...
  • https://www.googletagservices.com/dcm/dcmads.js
23 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8772
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 18:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:08:20 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:29 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 5305
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
10594947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
zyutRnjThpFKU3mEUPg6MqetgG8YO-TlTWrcCbxQ92p9xxgxIplxTA==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 80DF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C800
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9043a9e2e52540b62b0cf26876c12deaa90f9a823e3c086289ad60da9acffe92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XUVtxO4JfJqCIsgEwat6Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-XUVtxO4JfJqCIsgEwat6Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:29 GMT
expires
Sat, 18 Jun 2022 05:00:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 18 Jun 2022 05:00:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame F82E
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F82E
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4F03
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823869&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528429606&bpp=12&bdt=206&idt=406&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=4774550765480&frm=8&ife=1&pv=2&ga_vid=1561587913.1655528430&ga_sid=1655528430&ga_hid=1812444650&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3853590412&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31067769%2C42531605%2C42531608%2C31065825&oid=2&pvsid=2096387545079407&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ax1dj21qbied&fsb=1&dtd=420
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxX2V,pingTime:-3,time:215,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B210~0%5D,as:%5B210~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxX33,pingTime:-6,time:223,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:223,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B218~0%5D,as:%5B218~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FE78
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
248730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 399F
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxX49,pingTime:-2,time:291,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:472,mdZ:780,beA:928,beZ:929,mfA:931,cmA:932,inA:932,inZ:935,prA:935,prZ:958,si:964,poA:965,poZ:981,cmZ:981,mfZ:981,loA:1151,loZ:1154,ltA:1219,ltZ:1219%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:291,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B286~0%5D,as:%5B286~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:255,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dcmads.js
www.googletagservices.com/dcm/ Frame 2919
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145720/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_t...
  • https://www.googletagservices.com/dcm/dcmads.js
23 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8772
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 18:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:08:20 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 7E6E
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
10594947
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
2uTRw2YzoU8H5cR_-OxbgQjSfEDU0dd9N5UKawl9lJj-ZFdYm2rP-w==
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxX5w,pingTime:-3,time:83,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azQk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxX5z,pingTime:-6,time:85,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:85,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azQk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD78
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
248730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 16EC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2788399133417738&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

impl_v89.js
www.googletagservices.com/dcm/ Frame D055
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v89.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145646/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417943%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1655528428%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428772%26bpp%3D2%26bdt%3D695%26idt%3D167%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1122636691%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44763827%252C31065741%252C31068031%26oid%3D2%26pvsid%3D3733430330646665%26tmod%3D1053751258%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.bndv2ojkvd0y%26fsb%3D1%26dtd%3D173&adsafe_type=d&adsafe_jsinfo=,id:165b283a-4bfa-1471-43d9-ee2ecaae944e,c:fRxX01,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-t985h,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:35,oid:931a243b-eec3-11ec-bc69-520ed5c1185b,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 11:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21503
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 10:59:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 11:05:57 GMT
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxX67,pingTime:-2,time:119,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:525,mdZ:749,beA:1192,beZ:1193,mfA:1194,cmA:1195,inA:1196,inZ:1198,prA:1198,prZ:1216,si:1223,poA:1224,poZ:1244,cmZ:1244,mfZ:1244,loA:1277,loZ:1283,ltA:1311,ltZ:1311%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B114~0%5D,as:%5B114~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:87,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame A73C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C800
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2373915998708392&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame F82E
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fa54724a400db40d8399022a241b22fdf7cd972799ae5024c7c630b70956c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10632
x-xss-protection
0
ptrack
a.audrte.com/ Frame 3AE4
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.99&p=M1353665098&artime=2022-06-18T05:00:30.377Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f47ddb901a9b694f3c501d3ab5842478b838f473c6b707c8ae5436735ef5ef14

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 3AE4
155 B
630 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-112.ams50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Jun 2022 18:41:55 GMT
via
1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
age
37116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
AMS50-C1
accept-ranges
bytes
x-amz-cf-id
lhHsvEHZrmvZDOqfTEI6OAj-uVffuevISx0C1WHTSbW3EFfUs0jqcw==
generate_204
tpc.googlesyndication.com/ Frame 970B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?f92J5w
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame FE78
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
generate_204
tpc.googlesyndication.com/ Frame BD0C
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?kfkpKw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
B27487152.335944547;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=3062569614;ord=3fnnr9;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPKdY7FutYsT7PIHu3gOMlZCYBaPSuLVq26WIlYAQ...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame D055
51 KB
25 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.335944547;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=3062569614;ord=3fnnr9;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPKdY7FutYsT7PIHu3gOMlZCYBaPSuLVq26WIlYAQ9P63uIMpEAEgrOT2CGC7hoCA0AqgAfiv_ssCyAEJqQLlrbSuSYG0PqgDAaoE6AFP0LpOk6RXg0HBlc-8vZQg7rTP8Sex4CjpIoB9ehjWyPmEXMX1ahbM_2ekzRiFdsHbPBmz_M1pWCaeFp3n3PXdrlA-Gds2WeBWFTUyCEG5itATIrFia3ovNdksTcdpBpORQ1LHOoRhxs56bFWI2k4CO-3A87g3akll1iMDut8VfNc5gC83x4pISYw-p14tGooLtInPtdvQ4j6j85Q17mPXgsvmlnwf7l8HfNqruDDaDO4724nT4BjBUQJjG8qZRgNilJNOxLbjyvp_XncTFFZNn7rvSbXxpkQTJIeRLVMbUE-gmVPfTrkEwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ%26sig%3DAOD64_2CfQzG6nuEn9-MWqDpmBVDTLJHjQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-BayVWURVvK0WzyGmaHfgmYCxzAf80PPbRthKfS2-Rcr8ShRm1ejSbUQZZcE8p7UQ_ni_6F25Weq-AoNOeiKMMfvYpHrz48Cpp5AxRopOadp6ms0e3zCqCgsPpOe_mc9uI85k4UIL6igqAuA3FaPTOf-n8_xw%26cry%3D1%26dbm_d%3DAKAmf-AKR8ZfJm_8TYJuMYgOYGYs6spm9n8RuPjGzGr2PFMVRI9gVTCwlujCjvOevFIMObjGXWNidLG5sn3SjxcoJ7rpTaG8TfGjcrpbOZNfVtqAF9f4sIMu0pKxmlLdmDUd4NUatlKBNrRGGD5i_4TmhW35EgK-JnfzY6cAkVF5dZVdUDxcks8vkpdL9Kxa_OZ_7K25TIHWvCyb1zoDEmQzzyFJqjrr6fghL6lO7Gtc9Yua5WtvyTNTsy_MZAbQfGjoxiPQd09I4pBiWwO53LIOWo2DHRyuUiccoylE4vmtuNQwcvjPZYKMvGAd5HV2gO0I-dDvq3WCjsYhQddyQHnfP9vikYcpaA6EDwED5rV7THb71uFgTvdtmrL7XmhQ0kOcNVTWxhx47hvjHzRzkGIicyRb8JnxMCZGZ383NJ_LgzL2aP1uVxLG4K3-gy0dpVRWXYv-Po3oK5z6qiFMgiYiYYoT3JoVTx23V-w0YH-mTjnDjTvEkeQ%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=129;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
8749f0e5d877970a6e18f0f54255eaa8556203435950b181f4c6bcb7fab6f5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25750
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v89.js
www.googletagservices.com/dcm/ Frame 2919
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v89.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145720/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417948%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1655528428%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428852%26bpp%3D2%26bdt%3D717%26idt%3D105%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1697581068%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D933%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067769%252C42531605%26oid%3D2%26pvsid%3D2243736371601816%26tmod%3D1326392155%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.yibyr0cbvb9r%26fsb%3D1%26dtd%3D122&adsafe_type=d&adsafe_jsinfo=,id:d48ddb93-4e33-5167-1b65-b6445bf05481,c:fRxX4G,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-qshkx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t95azQk+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:30,oid:931a249a-eec3-11ec-b2bd-86a0353e4bdb,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 11:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21503
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 10:59:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Jun 2023 11:05:57 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame 80DF
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
generate_204
tpc.googlesyndication.com/ Frame 40E9
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ujvb-w
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F82E
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 05:00:30 GMT
data
bcp.crwdcntrl.net/6/ Frame 3AE4
20 B
312 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.23.123
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame FD78
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
B27487152.336230209;dc_ver=89.262;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3430571816;ord=l6e1dv;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j-f7VutYqxWj8HfA7KCoIA...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame 2919
51 KB
26 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230209;dc_ver=89.262;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3430571816;ord=l6e1dv;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j-f7VutYqxWj8HfA7KCoIAJo9K4tWrrsoiVgBD0_re4gykQASCs5PYIYLuGgIDQCqAB-K_-ywLIAQmpAuWttK5JgbQ-qAMBqgTpAU_QnDyCotVvkmCIOKPtIGXAhwsXequV8w4lLu-QOxWrM333UkaMXOFsNtxtV_2v3Ua9PFM8cyP5wjN9pOJs69GUPe698SHcnKXIrlt5pXUHlGCPY2KJ3QR7WwtjH35ZIkCgEZDNS8QQnDtEQYNGKLYpn3HT9f5pIHzad9wIZvsch-ek9o8a_EfvfWHSC69_Dp995KQBkNoIjw6v9b2dzeRrpdYnmorZLQYrmHPUwf2Qp0AYVfR1rvoFwD9dwEd8RKEtGS8YRSs1Td7AyPM8niEWtBZiAZ2MMYi8nJY6cHD7xtcp8PBcaufVwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoMM1V4-13zEwU-UiO5PyYfQ%26sig%3DAOD64_0hIqTCztuDlMDTljdrxl-tz6GvDQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-Bx6neZOL7iUwVtSejBFBryQD8Iq9IEi2Sa5V1JDHt8YnseHwPmUugBxObZRAH0SXz7qqgEs-74QsrsaO4jD2ANpCfv0qfBwDNhrEK9eKleV1zTvxQQgZw_qCfJgA9GhmyMhY__QIIdgRl0xYKda6NFEWUFmA%26cry%3D1%26dbm_d%3DAKAmf-CgNJ3XAb9T_NYCjEBLSo4QNez6DXi3KEKhs-6dFx0v8kd8T7B4HphCE5q4cD6P3bowB7L4i82yRGYGWOtmnBVBqWZNF19j8Gs5SDAQPyGA02_bv14tYJJTclbvctR4tmI5_fG1Oo0muLEK_Ua8S3FYTmU9UsrIcLA0Tdnsz2L0lBbdCiGZ-2M-zwHEWtv6VzYromnNzrr11THAIAyMtgjhLAKYm13NL3YsHS-3J9y5f8blCTTkziYgazcSTeg_a2GLFx0H_BahYS0z3b-7pj-j_9kBuntEosixvHqsTCugqXDGUzYkK61IVL6JPd4GRTSnrn-Y0huF4-luyYnW1L0vsnJvLQx-gR-sOzxxZGyaRaOL5Y9Az412eKO7EHW_nc3X9OysqburPFmAeWeHjlhlajvQm-VqENstVAlwA6JZVr-tb32O88o2ELAN-a_E5H7JHO0TsanFu7o-MzcPUY9t_O_pRbA8I3LLl7T5n8fphKgRwr4%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=85;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
116ecf73c63439f961f84e512b10db82b11998362367b48c5daed9672e002c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25847
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
a.audrte.com/ Frame 3AE4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=&google_gid=CAESEK9PHSPwcXzeZXGvBZSJwzk&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 3AE4
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
match
ps.eyeota.net/ Frame 3AE4
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5771192511099334769
  • https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=41hbWGgowElQm2avfzXj83L0A&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A51
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurDCMCz-uvGFqeOL8_qeHfZl3u-8NpO2zf56GJV4evukR4wqmjmgxnsafjjLhj1GHL4WiGF4wqR-omz_8EQEuwTUA6uzIGMGqhzC69hOK52-xbwg&sai=AMfl-YTM7oujVln9Gv3Z4cSpU4TR3bvTKYodUI-aizKlbKsBcHJ5QmUNO0bj0ZuN0AUhFRxO7hf7TYw3j2fdsm21tURfl2I5qptlIF0&sig=Cg0ArKJSzHn9M5BV5dWIEAE&cid=CAASF-RodCuQzC7rEGF4FHdzcfFecslFTqdN&id=lidar2&mcvt=1032&p=0,0,600,160&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1655528428813&rpt=614&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A8B4
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSrJn7FutYof_NMjV1fAPxZ2puAyUqsO_avixx8iwEMCNtwEQASDizvAoYLuGgIDQCqAB-fHckAPIAQmpAtlGwYJhgUs-qAMBqgTVA0_QlyM3HLK_bmjtCKMyHzDZmOq6YIkioE6CNnkdCfnrosR3V58xRZ14YPFkdailfPQ-khRT4L_6cr9GDAabXG4RUuxoNoUTsYDH_CukI9_WO8ZmWqjHFrTd7YUpY4wLqWMkIweOX_vXx2QQloWvoKT9K6IPg_Liuo5dg8ztUWT-hXC-v1NykkIhMCzI9rVj5iy-1VHRM0bPTqXjwmjHHEIv_mthytiRw5w8Kppw9TdpjHUlyU5kUTwoEVUmPf5wD3bjrd-XPKdjYdV9IsQpz3f0fiAb18ih9DopCz6WasGA3gxWCN5JDUq0V3ry6PO6JO7-F0CU7yBTTa859twZpB3-EtVcmCRRQ-gqf0daaerjsQcYCK5kOhB-HcnbnDHXLKSus-BwckKaASB00GgnqSTPOdUM4Ncbq95K8uMZOCJwi-_reM6C1dkP9KMmmayHVsEH9v_pWXex7gTIzzoD-yrR2LWcWIPUJ1VKZ_Mg4CADz4HLcdpFNr1jQ1yWKA8_Ox_eXkdh_YGzsQAjKsMBCrxRzuZFaeUWRdmcHPs3xUBJEmwMRJ6jnRJH0MJjjB6e5QkmVUXlk94tMgrRfsFGEWFx54hVU9KQckSMSyMExz21cY1dtxrABMqHwuyFBKAGLoAH742jb6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAsQlCcVsmHOq0ZIAKA5gLAcgLAYAMAbgMAbgT5APYEwPQFQGYFgH4FgGAFwE&sigh=ou0ulgHnOgE&vt=1&template_id=484&uach_m=[UACH]
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112131&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_65172291402423224%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F1fe50076-f152-4d1e-aca4-ac081f359156%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU1NTI4NDI3LCJzaG93X2lkIjoiMWZlNTAwNzYtZjE1Mi00ZDFlLWFjYTQtYWMwODFmMzU5MTU2IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDllMDY3OTgtYTY3NS00NGQyLThkZjgtMjBkOTJmOTc1Y2NkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D40607c47b2326bb29212f7580ba25ac8&wgl=1&dt=1655528428415&bpp=12&bdt=227&idt=367&shv=r20220615&mjsv=m202206140101&ptt=5&saldr=sa&correlator=6667918888907&frm=22&ife=1&pv=2&ga_vid=2008690810.1655528429&ga_sid=1655528429&ga_hid=984351066&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=837418589&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763827%2C44761044%2C42531607%2C31062930&oid=2&pvsid=2373915998708392&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.y50jc5o7z9km&fsb=1&xpc=8NQYExGXHG&p=https%3A//file.adpartner.pro&dtd=386
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A8B4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFs70BXH5UfkuSQFJW_JBBFcwNwVOAAK_kIdFlBN5j1Gx3K5S6_48aG-13pHxakmquj9PBTO2h3_5husKpBL3z4mmrof_1pK9_8rtbkckrOq5DZ9-I_SVRk5tvf_cQQs0nv8u9Hw&sai=AMfl-YQFcQFaKhJuuOlKjz2devR1Hp5e1UmLuuj2U5tRjk7xv2QP9pgw-GJ4SeXCxNaFml2lofhTn6lmcKPwu2Zn9YwUPdR7AwC1A_g&sig=Cg0ArKJSzB0HCVTLLTeuEAE&cid=CAASF-RoQiVvpITjLvpBW9oiHHh5X8yx8OzN&id=lidar2&mcvt=1034&p=0,0,600,160&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&pay=1&rst=1655528428802&rpt=680&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5D5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
26781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 21:34:09 GMT
expires
Sat, 17 Jun 2023 21:34:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A974
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1f355917975294d469cc0cc61fba71e7130332b31d32ffc9c1f7885fa536da4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e-pPtifCC-cOoCcKA6ENkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-e-pPtifCC-cOoCcKA6ENkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 05:00:30 GMT
expires
Sat, 18 Jun 2022 05:00:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxXbo,pingTime:-10,time:740,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1655528430613%7C%7C5414318c7f98dcd2b1e29b24948e08c9%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C92f59b57293822d2bface194c6ad9987%7C%7Cfafeb43cc386d9d0508ab1b59bba5396%7C%7Cf136417b5940b880938d271814923720%7C%7Cf77d12704eaddc6a4bc14e7dbc6479fd%7C%7C1e2421fe8109e761a8b4da04a20a637d%7C%7C1629390669,im:%7Bimprf:%7Bttecl:853,ecd:256,tsecr:105%7D%7D%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 2919
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230209;dc_ver=89.262;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3430571816;ord=l6e1dv;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j-f7VutYqxWj8HfA7KCoIAJo9K4tWrrsoiVgBD0_re4gykQASCs5PYIYLuGgIDQCqAB-K_-ywLIAQmpAuWttK5JgbQ-qAMBqgTpAU_QnDyCotVvkmCIOKPtIGXAhwsXequV8w4lLu-QOxWrM333UkaMXOFsNtxtV_2v3Ua9PFM8cyP5wjN9pOJs69GUPe698SHcnKXIrlt5pXUHlGCPY2KJ3QR7WwtjH35ZIkCgEZDNS8QQnDtEQYNGKLYpn3HT9f5pIHzad9wIZvsch-ek9o8a_EfvfWHSC69_Dp995KQBkNoIjw6v9b2dzeRrpdYnmorZLQYrmHPUwf2Qp0AYVfR1rvoFwD9dwEd8RKEtGS8YRSs1Td7AyPM8niEWtBZiAZ2MMYi8nJY6cHD7xtcp8PBcaufVwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoMM1V4-13zEwU-UiO5PyYfQ%26sig%3DAOD64_0hIqTCztuDlMDTljdrxl-tz6GvDQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-Bx6neZOL7iUwVtSejBFBryQD8Iq9IEi2Sa5V1JDHt8YnseHwPmUugBxObZRAH0SXz7qqgEs-74QsrsaO4jD2ANpCfv0qfBwDNhrEK9eKleV1zTvxQQgZw_qCfJgA9GhmyMhY__QIIdgRl0xYKda6NFEWUFmA%26cry%3D1%26dbm_d%3DAKAmf-CgNJ3XAb9T_NYCjEBLSo4QNez6DXi3KEKhs-6dFx0v8kd8T7B4HphCE5q4cD6P3bowB7L4i82yRGYGWOtmnBVBqWZNF19j8Gs5SDAQPyGA02_bv14tYJJTclbvctR4tmI5_fG1Oo0muLEK_Ua8S3FYTmU9UsrIcLA0Tdnsz2L0lBbdCiGZ-2M-zwHEWtv6VzYromnNzrr11THAIAyMtgjhLAKYm13NL3YsHS-3J9y5f8blCTTkziYgazcSTeg_a2GLFx0H_BahYS0z3b-7pj-j_9kBuntEosixvHqsTCugqXDGUzYkK61IVL6JPd4GRTSnrn-Y0huF4-luyYnW1L0vsnJvLQx-gR-sOzxxZGyaRaOL5Y9Az412eKO7EHW_nc3X9OysqburPFmAeWeHjlhlajvQm-VqENstVAlwA6JZVr-tb32O88o2ELAN-a_E5H7JHO0TsanFu7o-MzcPUY9t_O_pRbA8I3LLl7T5n8fphKgRwr4%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=85;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:49:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2919
0
575 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv625zJWTpp73en6NLICQ6lTHhpwr4KJ4uuZiZWyN2_Hdn-I0hxunNRG7Ckn2jjZCzfOZzEUAjMLNlY30HeoIR3R5h24BjLGuk5nQNy4CfnS-AlJFouv8sOwMwmDUk_CMXPnLF-JiqTVBvkCmXw2PWwbUhrs3TBAYs&sig=Cg0ArKJSzAk8uV8ZRWbYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220615.31264&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230209;dc_ver=89.262;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3430571816;ord=l6e1dv;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j-f7VutYqxWj8HfA7KCoIAJo9K4tWrrsoiVgBD0_re4gykQASCs5PYIYLuGgIDQCqAB-K_-ywLIAQmpAuWttK5JgbQ-qAMBqgTpAU_QnDyCotVvkmCIOKPtIGXAhwsXequV8w4lLu-QOxWrM333UkaMXOFsNtxtV_2v3Ua9PFM8cyP5wjN9pOJs69GUPe698SHcnKXIrlt5pXUHlGCPY2KJ3QR7WwtjH35ZIkCgEZDNS8QQnDtEQYNGKLYpn3HT9f5pIHzad9wIZvsch-ek9o8a_EfvfWHSC69_Dp995KQBkNoIjw6v9b2dzeRrpdYnmorZLQYrmHPUwf2Qp0AYVfR1rvoFwD9dwEd8RKEtGS8YRSs1Td7AyPM8niEWtBZiAZ2MMYi8nJY6cHD7xtcp8PBcaufVwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoMM1V4-13zEwU-UiO5PyYfQ%26sig%3DAOD64_0hIqTCztuDlMDTljdrxl-tz6GvDQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-Bx6neZOL7iUwVtSejBFBryQD8Iq9IEi2Sa5V1JDHt8YnseHwPmUugBxObZRAH0SXz7qqgEs-74QsrsaO4jD2ANpCfv0qfBwDNhrEK9eKleV1zTvxQQgZw_qCfJgA9GhmyMhY__QIIdgRl0xYKda6NFEWUFmA%26cry%3D1%26dbm_d%3DAKAmf-CgNJ3XAb9T_NYCjEBLSo4QNez6DXi3KEKhs-6dFx0v8kd8T7B4HphCE5q4cD6P3bowB7L4i82yRGYGWOtmnBVBqWZNF19j8Gs5SDAQPyGA02_bv14tYJJTclbvctR4tmI5_fG1Oo0muLEK_Ua8S3FYTmU9UsrIcLA0Tdnsz2L0lBbdCiGZ-2M-zwHEWtv6VzYromnNzrr11THAIAyMtgjhLAKYm13NL3YsHS-3J9y5f8blCTTkziYgazcSTeg_a2GLFx0H_BahYS0z3b-7pj-j_9kBuntEosixvHqsTCugqXDGUzYkK61IVL6JPd4GRTSnrn-Y0huF4-luyYnW1L0vsnJvLQx-gR-sOzxxZGyaRaOL5Y9Az412eKO7EHW_nc3X9OysqburPFmAeWeHjlhlajvQm-VqENstVAlwA6JZVr-tb32O88o2ELAN-a_E5H7JHO0TsanFu7o-MzcPUY9t_O_pRbA8I3LLl7T5n8fphKgRwr4%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=85;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
NBrown_JDWilliams_Prospect_Staycation-Message2-300x250.jpg
s0.2mdn.net/5034109/ Frame 2919
72 KB
73 KB
Image
General
Full URL
https://s0.2mdn.net/5034109/NBrown_JDWilliams_Prospect_Staycation-Message2-300x250.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9d3e2ada8a87ba2d19833bdeff4fe6b465fe69f698458441e0e33cc6760a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:15:07 GMT
x-content-type-options
nosniff
age
53123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74120
x-xss-protection
0
last-modified
Wed, 11 May 2022 12:42:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 14:15:07 GMT
/
d.agkn.com/pixel/2387/ Frame 2919
43 B
648 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=3286425940&col=27487152,1108532,336230209,527976851,171667431
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.169.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-169-133.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:29 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxXcC,pingTime:-10,time:522,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1655528430689%7C%7C22ec0981ab8d98b2d488fcacd47ddb7e%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C0a6ad96bc718a88fc1ab8440428c74fa%7C%7C7663f2016d4667fc7fe8056aaf116a56%7C%7C2ed81fa6cc01681f1f09d1c713644f45%7C%7Cda45cf2df5a8951fdbdb3bc5315f4763%7C%7Cfd20550811b82ebd2f50ba204f588874%7C%7C1629390669,im:%7Bimprf:%7Bttecl:901,ecd:121,tsecr:81%7D%7D%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame D055
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.335944547;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=3062569614;ord=3fnnr9;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPKdY7FutYsT7PIHu3gOMlZCYBaPSuLVq26WIlYAQ9P63uIMpEAEgrOT2CGC7hoCA0AqgAfiv_ssCyAEJqQLlrbSuSYG0PqgDAaoE6AFP0LpOk6RXg0HBlc-8vZQg7rTP8Sex4CjpIoB9ehjWyPmEXMX1ahbM_2ekzRiFdsHbPBmz_M1pWCaeFp3n3PXdrlA-Gds2WeBWFTUyCEG5itATIrFia3ovNdksTcdpBpORQ1LHOoRhxs56bFWI2k4CO-3A87g3akll1iMDut8VfNc5gC83x4pISYw-p14tGooLtInPtdvQ4j6j85Q17mPXgsvmlnwf7l8HfNqruDDaDO4724nT4BjBUQJjG8qZRgNilJNOxLbjyvp_XncTFFZNn7rvSbXxpkQTJIeRLVMbUE-gmVPfTrkEwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ%26sig%3DAOD64_2CfQzG6nuEn9-MWqDpmBVDTLJHjQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-BayVWURVvK0WzyGmaHfgmYCxzAf80PPbRthKfS2-Rcr8ShRm1ejSbUQZZcE8p7UQ_ni_6F25Weq-AoNOeiKMMfvYpHrz48Cpp5AxRopOadp6ms0e3zCqCgsPpOe_mc9uI85k4UIL6igqAuA3FaPTOf-n8_xw%26cry%3D1%26dbm_d%3DAKAmf-AKR8ZfJm_8TYJuMYgOYGYs6spm9n8RuPjGzGr2PFMVRI9gVTCwlujCjvOevFIMObjGXWNidLG5sn3SjxcoJ7rpTaG8TfGjcrpbOZNfVtqAF9f4sIMu0pKxmlLdmDUd4NUatlKBNrRGGD5i_4TmhW35EgK-JnfzY6cAkVF5dZVdUDxcks8vkpdL9Kxa_OZ_7K25TIHWvCyb1zoDEmQzzyFJqjrr6fghL6lO7Gtc9Yua5WtvyTNTsy_MZAbQfGjoxiPQd09I4pBiWwO53LIOWo2DHRyuUiccoylE4vmtuNQwcvjPZYKMvGAd5HV2gO0I-dDvq3WCjsYhQddyQHnfP9vikYcpaA6EDwED5rV7THb71uFgTvdtmrL7XmhQ0kOcNVTWxhx47hvjHzRzkGIicyRb8JnxMCZGZ383NJ_LgzL2aP1uVxLG4K3-gy0dpVRWXYv-Po3oK5z6qiFMgiYiYYoT3JoVTx23V-w0YH-mTjnDjTvEkeQ%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=129;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Jul 2022 04:49:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D055
0
63 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPDY-CjYd4mrHS93kbRtjYD_hL1nDXPQR-j0mTN7U8Vw01XWJe1ICo-oN0sCeP1maMJ5oW8GEsTni9Kl21DAwR3J3h-u4lNbhrlj44ag4NKbF5z40fbvbLsXIF7DL0KYia60kNiHWOPVKF60oRaR20&sig=Cg0ArKJSzGPJ0lGgaUNjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220615.00015&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.335944547;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=3062569614;ord=3fnnr9;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPKdY7FutYsT7PIHu3gOMlZCYBaPSuLVq26WIlYAQ9P63uIMpEAEgrOT2CGC7hoCA0AqgAfiv_ssCyAEJqQLlrbSuSYG0PqgDAaoE6AFP0LpOk6RXg0HBlc-8vZQg7rTP8Sex4CjpIoB9ehjWyPmEXMX1ahbM_2ekzRiFdsHbPBmz_M1pWCaeFp3n3PXdrlA-Gds2WeBWFTUyCEG5itATIrFia3ovNdksTcdpBpORQ1LHOoRhxs56bFWI2k4CO-3A87g3akll1iMDut8VfNc5gC83x4pISYw-p14tGooLtInPtdvQ4j6j85Q17mPXgsvmlnwf7l8HfNqruDDaDO4724nT4BjBUQJjG8qZRgNilJNOxLbjyvp_XncTFFZNn7rvSbXxpkQTJIeRLVMbUE-gmVPfTrkEwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ%26sig%3DAOD64_2CfQzG6nuEn9-MWqDpmBVDTLJHjQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-BayVWURVvK0WzyGmaHfgmYCxzAf80PPbRthKfS2-Rcr8ShRm1ejSbUQZZcE8p7UQ_ni_6F25Weq-AoNOeiKMMfvYpHrz48Cpp5AxRopOadp6ms0e3zCqCgsPpOe_mc9uI85k4UIL6igqAuA3FaPTOf-n8_xw%26cry%3D1%26dbm_d%3DAKAmf-AKR8ZfJm_8TYJuMYgOYGYs6spm9n8RuPjGzGr2PFMVRI9gVTCwlujCjvOevFIMObjGXWNidLG5sn3SjxcoJ7rpTaG8TfGjcrpbOZNfVtqAF9f4sIMu0pKxmlLdmDUd4NUatlKBNrRGGD5i_4TmhW35EgK-JnfzY6cAkVF5dZVdUDxcks8vkpdL9Kxa_OZ_7K25TIHWvCyb1zoDEmQzzyFJqjrr6fghL6lO7Gtc9Yua5WtvyTNTsy_MZAbQfGjoxiPQd09I4pBiWwO53LIOWo2DHRyuUiccoylE4vmtuNQwcvjPZYKMvGAd5HV2gO0I-dDvq3WCjsYhQddyQHnfP9vikYcpaA6EDwED5rV7THb71uFgTvdtmrL7XmhQ0kOcNVTWxhx47hvjHzRzkGIicyRb8JnxMCZGZ383NJ_LgzL2aP1uVxLG4K3-gy0dpVRWXYv-Po3oK5z6qiFMgiYiYYoT3JoVTx23V-w0YH-mTjnDjTvEkeQ%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=129;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
NBrown_JDWilliams_Prospect_TimeTogether-Message1-728x90.gif
s0.2mdn.net/5034109/ Frame D055
22 KB
22 KB
Image
General
Full URL
https://s0.2mdn.net/5034109/NBrown_JDWilliams_Prospect_TimeTogether-Message1-728x90.gif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6219a44d9382b0a23279b6cbb37bb29326f0892fbd19bbe836f0ce642bd99ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 13:43:59 GMT
x-content-type-options
nosniff
age
54991
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22155
x-xss-protection
0
last-modified
Wed, 11 May 2022 12:46:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 Jun 2022 13:43:59 GMT
/
d.agkn.com/pixel/2387/ Frame D055
43 B
648 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=2038223290&col=27487152,1108532,335944547,527978123,171669621
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.169.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-169-133.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A73C
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?imZrEA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B782
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
248730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.gr.19.8.319.js
static.adsafeprotected.com/ Frame 2919
192 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690541&dealId=549644393847897261&adsafe_par&impId=ABAjH0g57o1cskOXV5Ee1pqlEGIt&bidurl=http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 15:42:27 GMT
content-encoding
gzip
age
393484
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 09 Jun 2022 18:01:50 GMT
server
AmazonS3
etag
W/"a1d669bc0776f421280ad4154b1ce523"
vary
Accept-Encoding
x-amz-version-id
mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
pvv-Ve7Y8A8q5aV4EA3LFcZPoQJFecmONgdWcDoVCYdHlyE4C96MNA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2701
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2919
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9538fee78ddf1caecfc4a79c15698666bf4389559e4d7b1e2ea7ec88ab21c075

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 96B6
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
248730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Jun 2022 07:55:00 GMT
expires
Thu, 15 Jun 2023 07:55:00 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.gr.19.8.319.js
static.adsafeprotected.com/ Frame D055
192 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.319.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690042&dealId=549644393847897261&adsafe_par&impId=ABAjH0hFtna62DbYbgwRkd0ebjJO&bidurl=http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 15:42:27 GMT
content-encoding
gzip
age
393484
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 09 Jun 2022 18:01:50 GMT
server
AmazonS3
etag
W/"a1d669bc0776f421280ad4154b1ce523"
vary
Accept-Encoding
x-amz-version-id
mNA7gJwBAdrYqRYSnebG4JRwK6iKHdgs
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
AJQ0m04KqmgM0vlIljyMAVRPjx9e-AAzbLD-ZVnHmP7VfoouHpI5dQ==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DEF6
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
56058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 18 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D055
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
add382c20d26bd6af58529580a87192f0ae0262f850c8b841e03f88377a9b989

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 80DF
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?diOj9g
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame D055
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPDY-CjYd4mrHS93kbRtjYD_hL1nDXPQR-j0mTN7U8Vw01XWJe1ICo-oN0sCeP1maMJ5oW8GEsTni9Kl21DAwR3J3h-u4lNbhrlj44ag4NKbF5z40fbvbLsXIF7DL0KYia60kNiHWOPVKF60oRaR20&sig=Cg0ArKJSzGPJ0lGgaUNjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&vt=11&dtpt=183&dett=2&cstd=0&cisv=r20220615.00015&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.335944547;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=3062569614;ord=3fnnr9;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPKdY7FutYsT7PIHu3gOMlZCYBaPSuLVq26WIlYAQ9P63uIMpEAEgrOT2CGC7hoCA0AqgAfiv_ssCyAEJqQLlrbSuSYG0PqgDAaoE6AFP0LpOk6RXg0HBlc-8vZQg7rTP8Sex4CjpIoB9ehjWyPmEXMX1ahbM_2ekzRiFdsHbPBmz_M1pWCaeFp3n3PXdrlA-Gds2WeBWFTUyCEG5itATIrFia3ovNdksTcdpBpORQ1LHOoRhxs56bFWI2k4CO-3A87g3akll1iMDut8VfNc5gC83x4pISYw-p14tGooLtInPtdvQ4j6j85Q17mPXgsvmlnwf7l8HfNqruDDaDO4724nT4BjBUQJjG8qZRgNilJNOxLbjyvp_XncTFFZNn7rvSbXxpkQTJIeRLVMbUE-gmVPfTrkEwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ%26sig%3DAOD64_2CfQzG6nuEn9-MWqDpmBVDTLJHjQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-BayVWURVvK0WzyGmaHfgmYCxzAf80PPbRthKfS2-Rcr8ShRm1ejSbUQZZcE8p7UQ_ni_6F25Weq-AoNOeiKMMfvYpHrz48Cpp5AxRopOadp6ms0e3zCqCgsPpOe_mc9uI85k4UIL6igqAuA3FaPTOf-n8_xw%26cry%3D1%26dbm_d%3DAKAmf-AKR8ZfJm_8TYJuMYgOYGYs6spm9n8RuPjGzGr2PFMVRI9gVTCwlujCjvOevFIMObjGXWNidLG5sn3SjxcoJ7rpTaG8TfGjcrpbOZNfVtqAF9f4sIMu0pKxmlLdmDUd4NUatlKBNrRGGD5i_4TmhW35EgK-JnfzY6cAkVF5dZVdUDxcks8vkpdL9Kxa_OZ_7K25TIHWvCyb1zoDEmQzzyFJqjrr6fghL6lO7Gtc9Yua5WtvyTNTsy_MZAbQfGjoxiPQd09I4pBiWwO53LIOWo2DHRyuUiccoylE4vmtuNQwcvjPZYKMvGAd5HV2gO0I-dDvq3WCjsYhQddyQHnfP9vikYcpaA6EDwED5rV7THb71uFgTvdtmrL7XmhQ0kOcNVTWxhx47hvjHzRzkGIicyRb8JnxMCZGZ383NJ_LgzL2aP1uVxLG4K3-gy0dpVRWXYv-Po3oK5z6qiFMgiYiYYoT3JoVTx23V-w0YH-mTjnDjTvEkeQ%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=129;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame A974
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=2096387545079407&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MX...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MXJH6l2emtFGRZacEwNYRaZdLOB35dNQ4v9DxNGyV5J5&google_hm=cWB3GezbldNg...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MXJH6l2emtFGRZacEwNYRaZdLOB35dNQ4v9DxNGyV5J5&google_hm=cWB3GezbldNgejps3toxHw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GC50vMviRdcyvoElHUaaOTp-0xnoTn3UcY3NKiFEUpywWMr-9s9MXJH6l2emtFGRZacEwNYRaZdLOB35dNQ4v9DxNGyV5J5&google_hm=cWB3GezbldNgejps3toxHw
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEOXg93rnPAvk6pqR-WvI-gc&google_cver=1&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl&google_hm=Q0FFU0VPWGc5M3JuUEF2a...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GCFHg4nKrT6DRXqXw7CrVlo0_ogtDMSGNcJ-EPk4zvKDGCAo0YyLg06SKPNahTFwuU_7QB1uxXC-wSe3nfnxTS5enkUIqNl&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCYqfSy...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GCYqfSy...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTgwNTAwMzEwMDA5NjU4NDM3MDU1Ng%3D%3D&google_push=ARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTgwNTAwMzEwMDA5NjU4NDM3MDU1Ng%3D%3D&google_push=ARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0FqYfw9p9KpxVBxXxvd04KGGmZuZCc
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTgwNTAwMzEwMDA5NjU4NDM3MDU1Ng%3D%3D&google_push=ARnp8GCYqfSyU53-7FbEGpaWw1f-a4giahqcBiesSkr6w5J3bJkRvbQ3h96LicW1M14NB0FqYfw9p9KpxVBxXxvd04KGGmZuZCc
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 18 Jun 2022 05:00:31 GMT
dds
rtb.openx.net/sync/ Frame 2701
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDv3JtesT1ZKkDPtgwFIg84&google_cver=1&google_push=ARnp8GCBkMDWvWshiEacyL0z5ZxD0cbhlXjw5Gjy0lAD_6bTxSth5pInv0xPYxBTS691Aa5g1g-2-yWDpnxlZDSZtXiQFeMmWrGf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
g31mnd1tt86dp4ps8khkgvuqvdlfp8t9
pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAS_juC422JgAcPRxtDhYhAnonIKzW7XzqABeZbo40JjwOZ9DAz3Bnzl9m1mJX8VAeJYLqhlWlgZY_yku9Q7qrzyrrTCP46
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAS_juC422JgAcPRxtDhYhAnonIKzW7XzqABeZbo40JjwOZ9DAz3Bnzl9m1mJX8VAeJYLqhlWlgZY_yku9Q7qrzyrrTCP46
date
Sat, 18 Jun 2022 05:00:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXl...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTUlktMUQtNUlQMQ==&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXlwbp34tr0GRZc6SolhRGoJaL4w
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTUlktMUQtNUlQMQ==&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXlwbp34tr0GRZc6SolhRGoJaL4w
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTUlktMUQtNUlQMQ==&google_push=ARnp8GCHLaQKgxcRU6NIJaPWjPz9WCzIyQFq5ApmIZBcllXgC6tVEHDOErXupa_-_Qf7zupiTXlwbp34tr0GRZc6SolhRGoJaL4w
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2701
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_cver=1&google_push=ARnp8GANKg1RQ1ut36ZJviI9yWHo0Jq9IjUcXT1Nlug6fluwUndhvVyn2A7OTtZlZFmdRc4Eklbp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_cver=1&google_push=ARnp8GANKg1RQ1ut36ZJviI9yWHo0Jq9IjUcXT1Nlug6fluwUndhvVyn2A7OTtZlZFmdRc4EklbpxhEPlSpYVWuc9FLyZ5ZDuiGt&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_cver=1&google_push=ARnp8GANKg1RQ1ut36ZJviI9yWHo0Jq9IjUcXT1Nlug6fluwUndhvVyn2A7OTtZlZFmdRc4EklbpxhEPlSpYVWuc9FLyZ5ZDuiGt&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sat, 18 Jun 2022 05:00:31 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2701
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IThO8oG251a_AuR_rSfVtGFx5naHzKn3PvqVSnHewdfgLaA6V0kCDiVjjrHONOd1hjhAKr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 2919
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv625zJWTpp73en6NLICQ6lTHhpwr4KJ4uuZiZWyN2_Hdn-I0hxunNRG7Ckn2jjZCzfOZzEUAjMLNlY30HeoIR3R5h24BjLGuk5nQNy4CfnS-AlJFouv8sOwMwmDUk_CMXPnLF-JiqTVBvkCmXw2PWwbUhrs3TBAYs&sig=Cg0ArKJSzAk8uV8ZRWbYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&vt=11&dtpt=275&dett=2&cstd=0&cisv=r20220615.31264&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230209;dc_ver=89.262;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3430571816;ord=l6e1dv;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC5j-f7VutYqxWj8HfA7KCoIAJo9K4tWrrsoiVgBD0_re4gykQASCs5PYIYLuGgIDQCqAB-K_-ywLIAQmpAuWttK5JgbQ-qAMBqgTpAU_QnDyCotVvkmCIOKPtIGXAhwsXequV8w4lLu-QOxWrM333UkaMXOFsNtxtV_2v3Ua9PFM8cyP5wjN9pOJs69GUPe698SHcnKXIrlt5pXUHlGCPY2KJ3QR7WwtjH35ZIkCgEZDNS8QQnDtEQYNGKLYpn3HT9f5pIHzad9wIZvsch-ek9o8a_EfvfWHSC69_Dp995KQBkNoIjw6v9b2dzeRrpdYnmorZLQYrmHPUwf2Qp0AYVfR1rvoFwD9dwEd8RKEtGS8YRSs1Td7AyPM8niEWtBZiAZ2MMYi8nJY6cHD7xtcp8PBcaufVwAS_tYCf4wPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOOqMMP0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoMM1V4-13zEwU-UiO5PyYfQ%26sig%3DAOD64_0hIqTCztuDlMDTljdrxl-tz6GvDQ%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-Bx6neZOL7iUwVtSejBFBryQD8Iq9IEi2Sa5V1JDHt8YnseHwPmUugBxObZRAH0SXz7qqgEs-74QsrsaO4jD2ANpCfv0qfBwDNhrEK9eKleV1zTvxQQgZw_qCfJgA9GhmyMhY__QIIdgRl0xYKda6NFEWUFmA%26cry%3D1%26dbm_d%3DAKAmf-CgNJ3XAb9T_NYCjEBLSo4QNez6DXi3KEKhs-6dFx0v8kd8T7B4HphCE5q4cD6P3bowB7L4i82yRGYGWOtmnBVBqWZNF19j8Gs5SDAQPyGA02_bv14tYJJTclbvctR4tmI5_fG1Oo0muLEK_Ua8S3FYTmU9UsrIcLA0Tdnsz2L0lBbdCiGZ-2M-zwHEWtv6VzYromnNzrr11THAIAyMtgjhLAKYm13NL3YsHS-3J9y5f8blCTTkziYgazcSTeg_a2GLFx0H_BahYS0z3b-7pj-j_9kBuntEosixvHqsTCugqXDGUzYkK61IVL6JPd4GRTSnrn-Y0huF4-luyYnW1L0vsnJvLQx-gR-sOzxxZGyaRaOL5Y9Az412eKO7EHW_nc3X9OysqburPFmAeWeHjlhlajvQm-VqENstVAlwA6JZVr-tb32O88o2ELAN-a_E5H7JHO0TsanFu7o-MzcPUY9t_O_pRbA8I3LLl7T5n8fphKgRwr4%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=Xf4!J*25tu;stc=1;sttr=85;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.5.12.js
static.adsafeprotected.com/ Frame 1373
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=250&slotname=6208660382&adk=2159672584&adf=2751417948&pi=t.ma~as.6208660382&w=300&lmt=1655528428&psa=0&format=300x250&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428852&bpp=2&bdt=717&idt=105&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1697581068&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=933&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067769%2C42531605&oid=2&pvsid=2243736371601816&tmod=1326392155&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.yibyr0cbvb9r&fsb=1&dtd=122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
10594948
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
3aQztE7vGunZfR2av0sFRr69vE4APYet7-s-MNbSvy1_QGYBLm3Prg==
mon
pixel.adsafeprotected.com/ Frame 2919
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690541&dealId=549644393847897261&adsafe_par&impId=ABAjH0g57o1cskOXV5Ee1pqlEGIt&bidurl=http://zdorovia.com.ua/&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D250%26slotname%3D6208660382%26adk%3D2159672584%26adf%3D2751417948%26pi%3Dt.ma~as.6208660382%26w%3D300%26lmt%3D1655528428%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428852%26bpp%3D2%26bdt%3D717%26idt%3D105%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1697581068%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D970%26ady%3D933%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1564989781%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31067769%252C42531605%26oid%3D2%26pvsid%3D2243736371601816%26tmod%3D1326392155%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.yibyr0cbvb9r%26fsb%3D1%26dtd%3D122&adsafe_type=d&adsafe_jsinfo=,id:ffd79433-8493-47d3-771a-e688561285d6,c:fRxXh6,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-4stws,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:205,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:225,oid:9320b391-eec3-11ec-a2b2-de0d0eda5711,v:19.8.319,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame E5D5
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 03:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
3876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 03:55:55 GMT
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame B782
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:31:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE78
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ylm7VutYs2-HpLw3gOz0buoDAAAAAA4AeAEAg&bg=!enmleT3NAAbASn8N4Eo7ACkAdvg8Wl1AOaoLPoOleoDH8lzmFtf-7f4TVe-bBFz2VZ5Ul48-1XMqIwIAAAGQUgAAAANoAQcKALuNRdBzzQV7RbaYorJdlL2GDLL2b9Gerg6WbctpGXNQzcstGeU66sAE7VyzHdWldlOwZY_3ybfi6tqu-jqHBIeSIZ3CSvB7coK5eCiAnIgtV1fEdqSGdRVI36ZVh9kp-pdaUI8SUwWNFyKTgmqRd9xGPFa6XgfNQhTcexg906ij-vc3Hk1-PSMhWPdLNWDR03u2zAtn3sqTLcBekTqT-Fc_d5_OupZCucsFtdgXHK9pSXYKZ1-L3yrtYKgAmQLau0GY2s8JJaGDTy36eSoqFxf8Pv_WUMhHNjoefZyWJA--W5osCaWh3vAtanvCEd752Q_xJXk0HNVPvzV0gyFQ9AZIGEJrnAu5gPSZ3G9bg_9wU6mcEe7FrAxiqw28DDkeW4fSzZuw7D7ogZ0_3rvxcio3qDkuYImxjhsNsLOH8-YbVvNnMvQXpZr7T3MwjGFV3B_vTMixQ0FE19j4J3DGwNLUZOfsdSgvABIrirDmBmanPYcQdBcsnV9XROQd10q0HmLOL9W45qW0wtp-zjtb5YQ6Z0AiEW2iboZpA_kCCEdkKNW9qzh8zqZ0bHHRx1l1aA7dLX_zLKi3gQ9ANfyKFgTHbtoK0-lNymVe3hDLHoazNqOmP0elnht0L6tbn3w7c8lnx55psCLBPlX7rI_k5rIWUag9bV0oaM0aiLSXfNLijmxPeq9EG0HNjqGfvPi7RA6jr2_GI6G9ig9K-iVBh0Y2eczduFeg7_-XdHeFWdIxghvtjE2OOkhyAub2gsA0iyZmXjiWsHLTipQQ8BJF90wL52IxXDUCFS7DgPLzhOKpoVJgf1X8mBiJHpse2qmLBq5a3ea-GGLwQdJJJ5IeuYobsfImpMhU9MUOikR0rABolYKZy3DjZ-Jk_VEkWpG-vj3rUREBLKx-JYVy4je81SKEZ7kqGgT9FKuOO3tpVnG3cxMDsWURDdwGJeZy7T5OytBXfxFMgymnlK6oGrMAXfPBaRRyUS9ZYHEuGF_I8lP9B7RL8djNtAliGL35zT9pWVbxBvM91rYIIDkw85rY-77vu6QjjcnmqtLvc4EanKp4-T2bA9sGqY9zocmZhOE1o69cj89PBTKuxLY_a-Zm3eubL-ym_KR2I0DVnt-8FsB-5v4PrcXGfpZTij4Ybt-EZ_7sH3YkTFtBrWooHn4Br9EBWpjm2qAOrpS4DsG5ilKNl1FCspznXj1bGMMZtzePwWE6S_IlhaFktA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEF6
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEL2IU848UqD5NFKeIRoxZA&google_cver=1&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNj...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNjI4iAfimAO9C3HVpG1H2ioVdnpkTt3RAjZ7pGipdj4&google_hm=cWB3GezbldNge...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNjI4iAfimAO9C3HVpG1H2ioVdnpkTt3RAjZ7pGipdj4&google_hm=cWB3GezbldNgejps3toxHw
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GBPElA-cXlPTQSL6HrYHV1lVEmBQaSXgqMeXLVd-iETb9ryu4lJNjI4iAfimAO9C3HVpG1H2ioVdnpkTt3RAjZ7pGipdj4&google_hm=cWB3GezbldNgejps3toxHw
pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DEF6
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEOXg93rnPAvk6pqR-WvI-gc&google_cver=1&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn&google_hm=Q0FFU0VPWGc5M3JuUEF2a...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GDkO67896uq-jBi9RQ9zSkV52IPmewqO_mux7c-rlRXqajw3uUMPKW3DkzVozq1T6DXpBUEvsuzmGFpKt9Gdgdrpf-qPMWn&google_hm=Q0FFU0VPWGc5M3JuUEF2azZwcVItV3ZJLWdj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame DEF6
43 B
61 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESELItBDqQgQ3uFdmsO9LQd8Q&google_push=ARnp8GAQkB2rmiQjvrp9SmyZk6pVYvwzUS6Vq9Jwgh-bRNsybiuS__tTvYvkA67x3cC0SkMHMeq0P585GcCr_3-RwH_pRGS_vwys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame DEF6
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDv3JtesT1ZKkDPtgwFIg84&google_cver=1&google_push=ARnp8GABuqOQr6C69BqWq7h9WwnIvLdh2CFkibKX_revmbZvivXZPD3BKc3x0icpdGV9NTsQ6kYzgusXarboZ9EJCgQ-U6gPuAPb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
j6vjenue27as8svkaf0hbhbamkdgdqem
pixel
cm.g.doubleclick.net/ Frame DEF6
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDbWY7OGWG6dm0BhZRHJnCiSUdZsCUTJ8W89cYxQwjFQ85vRigpMshVfH_0Kuxn-oyexNd3s1cEh089N6hVZ7pngpu8srUs
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6yOqmjjdTW2jM1Of39_PEw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDbWY7OGWG6dm0BhZRHJnCiSUdZsCUTJ8W89cYxQwjFQ85vRigpMshVfH_0Kuxn-oyexNd3s1cEh089N6hVZ7pngpu8srUs
date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame DEF6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN8073sYJ9vzJI-HUx7jr-o&google_cver=1&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTVU8tUi1SNFc=&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD2QpG69n2xxi2xFX0xn3v830PG
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTVU8tUi1SNFc=&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD2QpG69n2xxi2xFX0xn3v830PG
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRKRVZTVU8tUi1SNFc=&google_push=ARnp8GA73_39kR2_my76s84lx4beuENpWOFrpSRoepPhogD0a0V_QxGtL0imjyji7nZRN0BvaMD2QpG69n2xxi2xFX0xn3v830PG
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame DEF6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GBArOiq3JqF-Rbb7Y_lUwcfRJURsYjCq...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GBArOiq3JqF-Rbb7Y_lUwcfRJURsYjCqy-tS9knpA56l1wqHF4ELnWUYmtI0K6O9gDmN6tbfdS08WEMLVHSHpAijdHyvc9N
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 18 Jun 2022 05:00:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yq1b7CMSAqsT5_pQYqA69QAAAS0AAAIB&google_gid=CAESEMberAuDrJPbs6CPvkYn_Xc&google_cver=1&google_push=ARnp8GBArOiq3JqF-Rbb7Y_lUwcfRJURsYjCqy-tS9knpA56l1wqHF4ELnWUYmtI0K6O9gDmN6tbfdS08WEMLVHSHpAijdHyvc9N
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sat, 18 Jun 2022 05:00:31 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DEF6
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0SM7WQEtoStg_BhMVFCNXKEPoO3eDiXimbS5QacNvE_K4r8KovAyn9zV9CmmZXn6GtkSH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sca.17.5.12.js
static.adsafeprotected.com/ Frame 38FF
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417943&pi=t.ma~as.7553037928&w=728&lmt=1655528428&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1655528428772&bpp=2&bdt=695&idt=167&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=1&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=1122636691&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763827%2C31065741%2C31068031&oid=2&pvsid=3733430330646665&tmod=1053751258&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.bndv2ojkvd0y&fsb=1&dtd=173
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
10594948
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
sIAf2ZVa6H7nL7vpQ-SOHaG2I8JM0LL6SFoulV4ZswP29reO9EfY6A==
mon
pixel.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=56062548&pubId=1&chanId=52321546355&placementId=424690042&dealId=549644393847897261&adsafe_par&impId=ABAjH0hFtna62DbYbgwRkd0ebjJO&bidurl=http://zdorovia.com.ua/&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417943%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1655528428%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1655528428772%26bpp%3D2%26bdt%3D695%26idt%3D167%26shv%3Dr20220615%26mjsv%3Dm202206140101%26ptt%3D9%26saldr%3Daa%26correlator%3D2138816995503%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1386756890.1655528427%26ga_sid%3D1655528427%26ga_hid%3D1122636691%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44763827%252C31065741%252C31068031%26oid%3D2%26pvsid%3D3733430330646665%26tmod%3D1053751258%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.bndv2ojkvd0y%26fsb%3D1%26dtd%3D173&adsafe_type=d&adsafe_jsinfo=,id:33a44f13-a92f-b5b1-910e-68f6709d7858,c:fRxXhX,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-fdh9v,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:211,fm:t95aA0q+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:227,oid:9320b401-eec3-11ec-b93a-4abd9d08e3f6,v:19.8.319,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.64.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-64-95.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxXi9,pingTime:-2.1,time:865,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:865,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B860~0%5D,as:%5B860~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:242,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.qs.bi,sinceFw:87,readyFired:false%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXic,pingTime:0,time:293,type:pf,im:%7BpBlk:237%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:293,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXie,pingTime:-3,time:295,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:295,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXif,pingTime:-6,time:296,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:296,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
pagead2.googlesyndication.com/bg/ Frame 96B6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:31:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
26928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13859
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:31:43 GMT
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxXix,pingTime:-2.1,time:1183,type:a,im:%7Bpci:%7Btdr:1031%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1161%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:22,o:1161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1156~0%5D,as:%5B1156~728.90%5D%7D%7D,%7Bsl:i,t:1161,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:305,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i1.1043867-63145720%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.33a44f13-a92f-b5b1-910e-68f6709d7858.40_10933%7C1d1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:255,readyFired:false%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXiC,pingTime:-3,time:268,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:268,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXiD,pingTime:-6,time:269,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:269,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azZB+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXiL,pingTime:-2,time:328,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1767,beZ:1768,mfA:1972,cmA:1973,inA:1973,inZ:1976,prA:1976,prZ:1987,si:1993,poA:1993,bl:2005,poZ:2005,cmZ:2005,mfZ:2005,loA:2063,loZ:2065,ltA:2095,ltZ:2095,idA:2005,idZ:2058%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:328,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B36~100%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:102,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXiT,pingTime:-2,time:285,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1848,beZ:1849,mfA:2060,cmA:2060,inA:2060,inZ:2061,prA:2061,prZ:2074,si:2076,poA:2076,poZ:2083,cmZ:2083,mfZ:2083,loA:2118,loZ:2120,ltA:2133,ltZ:2133%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:285,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:57,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 67ED
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=1127361340309303&bg=!GBulG1_NAAbASn8N4Eo7ACkAdvg8WrvLt9WNRZUqPoG6Px9RMzxBQ6zroGbzX9GSz_4GIdRD68FjrQIAAAJlUgAAAAFoAQcKABw_1f3xkYNBQvJ1uG9odkaE9otMOebLzKcOfuQUmQK21lhG1NRkdVyAIgIh7H4y78cnKTT4KjfZtHpwQgpgCrFCTU4wYPDAIRfETS_zJ9Ph6jEQplNt5GfF9Bdye3DJw2NlBrRzJB4gf8_u6Eg4E1ZMgtDDgpAgkSmA6fQ6lOZrkR7CKIHL6LrnQcnqcnIAd1usNzvgQrcfq9ZcmfBsXm-CNkApQi17SMpUYvmZRn7ZMFUEWwo5gKbdL0tiz9m73L4Sfrd2zdTXFHgmfXjk5IuTjQvg4agke5QqVM-BYQubnawehCzD2BdannFrpTvzdLzlnNXxrnEqAlfTN-nwSAewEb-hhldQn6x6xRimL1ZTSj3B5LD0oR6owsH4P1Mi1WiIkad2Kp_hrTChpkbmaCqY3-_7MqroEkWUY7pfNgPfH-Px3-lKQ9RbSEQRdGHxifwQiYSXSiEHzfL_iMKSgAqlbZ2PPv8PIJ5R97foHMpeCPkx1r9pUuZRJQya635UIW20VpdVIdizVPtDQZSEL5pyhUVyuhUqurkqZ4JaGKw2b92vj7tQlQ989qN4DudLz4hMVvhKjsxpmXEUhbB6LreKLPtkrTk2q7ccLACEgp6hPZcQ_znibTBhpHR4GI-hkFze0IrvRCM3EOKICFx71Vrqb9mp8PJAeSaKt54nwkzJgvAq-lsSEzJNFUd-c_RC4pH7l9ncPDG4EaoVr0rpZbyh5Sm3SrlF4B4JqVu9rj2ws0iWq_zQ6js2PvPIUVu3TPcXypdnTX_VW1984cu4oFol0lAK1YfAlpcrAZm8jD9aXRb0Tj03ljAm13isAWpeyHvjdfiqgfOgXH3xSL_wYFuOkyDx7XMfJMuQkEKARDxwTwNppmZAqWkDh0DjbMXTiOydq1MYzt6immPupHCUO4VTalGiFESzsnTkYBOJxSlnpc2qjCStSc8aw6QucV83NW7T3LGmVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame F6CA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=3733430330646665&bg=!UVKlUhbNAAbASn8N4Eo7ACkAdvg8Wi08qIguxLu-esm78f_HXh6XUi768i3jb8-BFtjSqgygoL5KTgIAAAJaUgAAAAZoAQeZAr44x1LEkDXYvJtqf7AiIjE1UhzCf2ESdDKLwKoM8cj_9lUf3HMciqyv01QCbjLhfOkZ2h4VW5sIkG9RvAAugwU3ocHVSebdLRqavio1iTo34lBzP5olozF3shwERfcsvjtIie7yc_G63Am0M4_dbFhgCmyhL_x-rRGtqUmE6gLnd4pXy-wwrMsuLNwebC1vyB-84AaIFjOxqpMZWtBrY-p7lQDeu9Ro_9dAt4GKLQlUnw04WDq4g843HYeQmm18_o63UFbVhWiDCNHsnAkDkvgv-J5QjtfuOYYqkHO4-VE-V-TXioKxqRT4izqwRTcb_07anWj_zELVg2Ps1M0vGYG5sJByVGmY0qvN_QLfH2xdolxoBuLaZ0mDaMK9BpOnxx5M_NjzhAD3bZzyM0oP6Ph0esnf1HpFcYOAbyTGdXEBIerhoerOPK4p7B9djchC2Q0GBZ-luGSz23cPuGQHy0GG-gIKf1gx6o2IVgvXgX1glYeYxh_Zbjx1u9osUH9PLNLxAg6mqh6qYRFbeb_qAtZ_XC4_W_IcirZkYcI_gyOJF3_fCVoGGzu-orG8y0xPVqrDvWs14MFsVT_2ZL2tFsYV24Bw25ntiLmdf_zhXypwtu039kDFwWx2fvmyLKlFKICWLQOmEh4cLQn_52rkTwukqzcRD1-oB0GPMsZGvzy2lEFfGykkAgVT-Y5bwzyfU5ySmKqfqDYXTmnqxqa6-97GDucmFTrsGMMMJb3wFn2k_Jl05L3mzqvyalJhcToNJUUP_wJLjTopUIjTZ5PgB8WOgqXX5CHPFG2YkavCYxh_WnbmNQgSU2GIvNuTESVGcvfOnuUbBSMGLWCycH137y632KqnykaJxE_P3k123WR-2Yru15Ymv6xWGEDawtAg82cwg63IF5NgDoFCNiE6Kq7UB0qnkQ31OEJ4lhwTUrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXj7,pingTime:0,time:299,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D,%7Bpiv:100,vs:i,r:,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:299,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D,%7Bsl:i,t:299,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD78
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B13os7VutYqaCI4GcgQeX9pr4DQAAAAA4AeAEAg&bg=!3t2l3ZnNAAbASn8N4Eo7ACkAdvg8Wicf2dyUEcZa3OGIEIF0w0tlRoAijxSAJW8r6IQ9ppIeVILA1QIAAAHNUgAAAAFoAQcKAJ58tUGgURwL1Y1l7m6aXIxRngyy6MCAHCnz3D9rvPQqEuQQwss_C_1R4XrFMOwYJxo0KqBBgxcg_E5orXG-y9U79PFdX5odHOPimmbIbPqSIjXCeL7cb7Jd8htWsuHqhCpRTvymMZMgh7gAAlk_7v3X8zHcgLeHwCbZ7Z2rE8fjDfCukRwBDTdNCL7oJbuIHJQbGsdFSRZk8EEYzGJR1JkC1tWo7j6u8SjiPeswgPW5HAvD7C0W-QKrkPWMEvJ8GPKEQU7r5nKNnq1HfCdgwVJ0zQKFCPt4BRC_xr4b8XiLZA_yAhZNy7WLDQoqaF0InsjxD3fRqmBp7NjwiQfoFN_ldT-t3u62UYFXcMr5Ak1VltbUj7qbEaZ-nXhFxbEu4r1HVgoAMikYZEtlZ48OMataL7ctwnp-27W05Y49bnlt31ptVDjMF5Xp38AlVcyhL4lmHKVSZPmC2qaDcN9b0t0x-twxE1sWuwgdU3HIHSpS2w1HLUnwdoVOZtlToI78gsUFEYwconKSv_c5nj4xj3TpIBZjcia33BkgSQVa7ezlUX_4qilm8SqiEb-voW4zEbbzgEWUd4lxGKCd3CgqUAmbyKPmXolaruprjSclQjDM2lPoB3QdeGeiC_14pgfk7KngSts0A2Um5-zRIN-j_5HBLPh1010yvLPV6Mg859dtTlqIOI05tnO3sz2hZjrByvXjihKV-Bzq96v6nd_YYaJWjyCLOemXP2m2ZP5dCiwL0WCajaLSXnYFI2Nd5QK_5aVT_bz_rFTWL9kxIzk8oywufYntVE-VQ91t0d0tHx4vMFHb7nTsDZWEDf9qkylzAGMGVIijugPiyEH5ee3s-i8SVrJvC7JvESwaq3qQQ_m6L-nIIin5EjW85ji57hxfFd1V-g03u5jBMtzTph6pcvQVh61cF3qT77QfZh53j14owPYBEl-4MVVnjq1L-xJBWlcupNxk1cVx-y8F0oEIJyjVYlLORxHl6GDfV32Im_51y8Lol3FLp6ut4j5IeDJ65djgam_7Rx59jdQSqbCdtJ930JKZmzQPdzhneiFmNPHI1cKDlthRMUtkqjb24Etunc-KLO4rkm_E_8QJojsdjx3T6xAVFgZ51SyC8NF5wIXZVAC3L2xWvM0Jrklkka7GJujyLofZpXxT_HEvbA5RPSxC3-73kz_Kmw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3BE7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2243736371601816&bg=!MzClMHTNAAbASn8N4Eo7ACkAdvg8WuiQrbMNeq254EepgGOxeFlcAZ2zYoyC8HarONlKE4p1NHjSbgIAAAIiUgAAAAJoAQcKAMqIBoxO3D9H-T4RW8qDpAuBlbcH6wOnhXOPXZFs5VE1fQf0mbmnEac4VT7J_pnO6rMwe6H76As9Q28HsDgVg17qiQVpRSTvhxvsslKPspCefqYu6iktXm5Ct5DNosjuVLuVgPGq0iVevP1mYACi22PVstcAVW7aHAtKO0AjzOl58dxU7k-lY8pi5A2yUUvOn2qlKpRwioo1tV1dzB3knkP4RtFYbCSe1sIQsUexE8anl4SuxCfzTI1leBdSyW6RIJr5XLQ0tvI87YkvmQKq_Z59hpL5-TiIgtHzOiWtltX84TKoUzP44oIkfhNHgScjT_GXzLs7H-SW843_mUk40FwBMBCQByFgwMiJZRTdFxmJhKQFY5y6mwFqhkumWPxM-F8oak1vYxr9Bf5zXZHWPpEzNWRLt43LXr4fQWRVzHckw0_MzOPijFqg_RrdSnAkhCZHRPOTf4d40XDf_xPUrcXFXeOvzleEgiUjGlkHzGhgjgQduhEEjECeaSKCyc4DBJ7fxGpO2KKbAd-F_LBuRTSrldX19Baha-jQqHqXGXGnzU4ph9VOvhCdjiqabTqPL7nTh3fQM5uqY145-xBDxw3rBC03nPSrkoBKeF-JFCa-6-24eG6U7yUx2dXmcQCwWzujU03rf0p5Bh6ohcZaW2MjR_2LiJDPC8NM3W4ZpqlFYtQBRjNqX63WMJvrSpVP_StTUBmLQ8sbVc20gBUA61OeAe0fyFPgLav9fgU42oP6Rb9m8JP4lycC0omFxYmdwCFVZkNMEcLWr-NUtQwy9SiKtPyoSrU-7WKytCnjLk0o2Xp7sqJbbZOpKFFnu6PDpSzZ_ErlAcAqyMZccbmaOSSuolzVzXAgW4wjZeeLknn003mFG_lchicIrSpqEqF6oXhfDpnvOrXVD7MhL7WnHnu3gUOkkvvA26PVRySGQW8qHU_tIhP0LmvpxK8HpnEMGRsKL2rdixhfpzCxiSUKiNokkfbJZfiZ_dG-376_ThnEMKzm_cwiuiU3vpXDKb5UfXid9urcu_zzIx5ranks0gbgK4AKspmJS4gccL4y7yeSG76_d46rp7i4jqK_DE0rpmtmAT3lX1iRTIv_cqg1LQQr7APJtjg1beDXbpCBpUG_VeSwiY7bDmsrbAXBWzI5kOflg6nwo9TLasd3zZEZVtZ2nxb5YwgZBg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 3DAC
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjBmY7FutYsOCPZWNjuwPr56WsAHuws26auChqMGbENzZHhABIKzk9ghgu4aAgNAKoAGKs56vKMgBCakC2UbBgmGBSz6oAwGqBNABT9CtBVe_hcuf2OI50nf4NZgtZq5kTGLFoQ1ayGrcabOVsdbS6eiIyInKjjwhUoRq3xISdxrEuer72spHnF_pUnYLJUhQ1dwh-CE4WVx7WSlcpP9YJCMzBFqTwhRK5BsPa2wph7qTi7BzfI8UYM8Tgh_ZEz-6KNoLPBON3cISIabD5c34PxffjfoxAvZ5m5AwHRmqrv06U0EWDsV65FYwcfkuZFetyhs3KJzXowvDkYdq1Qmr62b0WRkpnjCOHJesDSZWIs4IkHnAXtqnxpqwYcAEobH0-oQEoAYugAeK6-6OA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJjjBtIICQiA4YAQEAEYH4AKAcgLAbgT5APYEwPQFQGAFwGyFxwKGggAEhRwdWItNDU3NzI1NDQzNTU5NzEwNBgA&sigh=d0mluHhhAnE&vt=1&template_id=484&uach_m=[UACH]
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417936&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1655528428&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1655528428648&bpp=4&bdt=560&idt=216&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&correlator=2138816995503&frm=23&ife=5&pv=2&ga_vid=1386756890.1655528427&ga_sid=1655528427&ga_hid=804712534&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=1127361340309303&tmod=1565653410&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.i61umhy9m5p6&fsb=1&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 18 Jun 2022 05:00:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DAC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshucLqRXuqevJbyjpkMs0mp58qB9dEJcyh8Ulkte4ZFuOW2Rg2u2gx06B0drNs1NnHT4VGCRvXBnoLa4X6ulQQ3PMa_BHmIJWwC6Le1GI7AzuQDU_ADt1iZuo_h9I&sai=AMfl-YTOUVziU6e2EPfOU8gk4usdtv5IfPHg6BfG7N_Znu9NLeuVNBIJh_YGzeMujuoyi5axmTyISjrWODLcVL3i33Xs9aWX36uOhWQ&sig=Cg0ArKJSzO2wwyZ2xUxDEAE&cid=CAASF-Ro-RGQ_jXIJd27zvyVNjFGSrxsuw8_&id=lidar2&mcvt=1019&p=0,0,200,300&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&pay=1&rst=1655528428880&rpt=1205&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E5D5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?S54saA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C1DA
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89397692&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame B782
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ8qU7lutYoudIM7K7_UPw9Cn2AsAAAAAOAHgBAI&bg=!trWltfHNAAbASn8N4Eo7ACkAdvg8Wtl6ljNtYZVyORr_mjAGkH5ajVTF24jfXC_d5CHMcLMdF5xIfAIAAADIUgAAAANoAQcKAMul5pI_7QMLK6ICEuWO0FxZJoaMhU-jm_oeYcti-pfbD-C2oEsFiZp23avgA8gcROJJ0mU9E_q-sItFOBGmchrL6S0ZiISaXDA6NZTDGbBJh-OO0xujBjbjH_hLsLeMaSbQdn68q7nLuWNXA7W3wJ81ANkhE3Z4VYf9lqnF46Yd4xbkZEU_zM425u3Szhb30wdIzEoev517qKOXMjczJiTXj-QnRCMSddNe4uUYjFX-3sBKSp6xUFw76OuPtC_4VV60ICoa-7ejiJHCppkCzlZEzdfgkADR4Y1Acx41jYG7LSJV20z6zsji36tNdd0AuX5BVeDMx5o179hfsyaZi1RQqu9-r5RwGMYTw1a7xVxEbh_EWczKF3jbUbBkKATwMkltbWjr2CZVZHLNJ0kHEhbcx-F5ZAZsFgMWc8H9OWXHHMP26wd1LpnePck3SekBXri3O6afufUQErwC4llLhSWZQ1gHFOrEGwh0GokHJbB62JzRa_jQvJ7qIHIuQ7iJNwRl7BpJ3P9XpOMV157SbTWfnOBK-C0oJKJiECAzrWCBTLoXRQSNjhR5OLhd2LYLIQYTT1MvB96QZNd9KKRalroO1z1xiA3Uv3rt-NlPKqY5aZy2X2hJkoDbjAJKG5-oAxdP7uOxrw1ewALClv3jYbX-s92a5x2GFitsJ_sM3pXH0tLnJRyuQP9_YoQZyzXiFgEFofhSHZix8d6GKao7GSxwjw8f6POPQBvKa_s4uWuoIWgLnbO7fjXkwkbdABNQ-msdKxUcXovjElkScxftNBI0ouX0BXTvrxexzaYfLfGMyygRhOn11Zsp2ZLj_Hb5Luw79gd3rNCEej4XoJrJprjzBKkcR-uqNrcSaNCqFlXup-NH3c5zwyaMg518oQ4cSeD2mWygCRscNJCzhnd_Srtxgf1Jtlnn6pzkfwL2Azio9g0rQus39gdIRmdB7RO9JBi7xCWOEMN70BubDljQIS48D2eVVFXdhbvrXQtQynrkI-UrWLnl2RQgkT-aMgsv7V8vm2Z6JQ6pbsFIhtg0EbrmEAaaZMqqlm8QIda968k5oHzRF9JzaV3OZ_pmhUgJeKVLptXVTd-vmMEj7LJlF9oua5YrPTqebjJ90p6iZ6NsP0DNLbF6GktdnmVxwfQ1R-60IdgSnmNacenWy8F_GgSuDPes1ZepkpmYQr1b3_9DbN0Px-9qwn1pwXTjMUU3vnbdU2QXCStXXY51HEI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXn9,time:600,type:e,im:%7BpWait:28%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:600,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B307~100%5D,as:%5B307~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:207,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 96B6
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXHv07lutYqiZIK249u8Pt8SXgAoAAAAAOAHgBAI&bg=!JSalJmLNAAbASn8N4Eo7ACkAdvg8WmyRQGNwnw9z_9s3O2w6iwnr5f2fZCjIII2U4PEAYIb9UYcqDQIAAACmUgAAAAJoAQcKAKpYeKe_v0y9oyHRWZpTsoYY3gi2_WpO79c6HS8iOkmt9kpVtJIzXl6Fzg6FB_tZh5HBwcNUoEitDSzNhRWZKbxvFGl8esgzmDkUL-X94GdQ7T8yWFzQHW3VKX0sH-C0WwE2JLlBFK4gbiiWzZx9wxjfp5xRgcy27PH65i3baTNN6LbroNmLGXtOZDtN05XiNMNimBDlswRgLUy0lvpQVbsI5C98e5fpaBLFo5kC0jlLoqFTP_B6Wv6ZKVOct_HzMzWyZroaFi7I50PMzM9SM50mGb2vdckwBwQ8t3_avHQNYdKR5T-4sPEFMLZh4fVHkuSVL7sppeNS5Ul6bgSn4MWgL4H0fFZnW2bCy07HDvQDNMFM4TvRzLcg4sIOpE-zTMl0Yyf2jxXUiC1hTVF_T00vib-j6-MUJ0vxWls_G4NaSYBWBDo-sAD3u-e2we2007lOc1KidS8GjWuT3EawKN2vlUIk1qsbe5k_NaXMuT4b4c0ptWR6H_j641o354i6Hj5BX8QpLI7wwgJGA_y6q7fgv8Z1Cj7INxWcVLWZCXfuxnEErI8DCVKDfV9ycF9uL714FBJProLv71mZKTBLys7H8zpTSRqkw_CA0l8YTyVdhcSQCMgxVsTuQTZmm_QmEAyKJApjld77e7RbfWKIHLWLFQ-MpSH3te_MtFP1HcYsydHzX66QfvQi3CPoYpaPVrUnoNlWv2qTo-O3ZQ-oUNFp-8TuH-eRYDcVCO-zTODCvqn6roBwbF_wxgIHnvya0q-3K8k-NIuVYVDtPVApvCSy_UqhD15ogHAWnxTbqjHVqDuPD16wLaRc9jCCpoioU6I-u-vXXkT-aoJo32en4_YggqvVVr-NcAU7ECpO4zDAUdoeOc8-lzbjLZe4ClvaTVXWQhZd1-mX_xLmik-_nm0JeevxKIxK9pCSf8mjib8KKmNhHpHI1tlgpGICgAxD5CyuPMGskM9dfsrdMvEA95CkPP5F4-B2qU-RXf3VtXCfv3rbB-pXKZNl2sZXtqnoan1G4uwrKhmcUsbKRMsEEXcZ4SlV5fMJqIUWamNprE__LYQjnRmopSKyb6u6hhP9w43TDFi-v9Z1pZO4TddvnnFm4ux7R8a97xHo-NpNqO2jtSf8EDMC6vT0dQK2DC0W5xCKv0-knPggXtTnTRfJPOdY-ih1gHsemdU1Dx4Zhu3j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxXni,time:1184,type:e,im:%7Bpci:%7Btdr:1023%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1184,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1179~0%5D,as:%5B1179~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:193,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXo1,pingTime:-10,time:654,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1655528431397%7C%7C453827d3a39fc17977a31fd629ee50f9%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C6cc80b5889708108910985ab250c4d1e%7C%7C77fc1a579982d2ed89c7988f3b027aea%7C%7C61def1b8814240498743b20df832e46d%7C%7Cf654dd05130edd787923c73c473e68b5%7C%7C6bf6e426a98c2671a1900b93e62329b2%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame 2F19
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87103682&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
82c5ada682ec68c6930789823a1006dd6bc50467a752b30132d30bb2751885dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1351
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXor,pingTime:-10,time:629,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1655528431423%7C%7C4ccabd012daa1febe113ed08edc21799%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C0364e5d435b2344e108bf609fbe88bb9%7C%7C49ea35a056c8f527c5612aa9b34c4ad6%7C%7Ccb78255d230f3af4ab3a0c30065ec15d%7C%7C7a976c9b410fa81b4d2b6e78e95b23d1%7C%7C75ae058e6778848a5afb1151f8242a4a%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D1D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2788399133417738&bg=!SkmlSQ3NAAbASn8N4Eo7ACkAdvg8Wv13pWsthwz2S0oqpqhlHh-tStIOhXyv-_n-QNi4LDfIv8ynLgIAAAGIUgAAAAJoAQcKACYRU_cUv3rzlRF-y6Mz4cPZwgL-dNbJU-B-dU9nusEsEzbnICTKbZkC1YmlVlZvSDkLStJPTalMsAujmSF_78iaIQbQuHaeNnPtDgS_DR1MHvH3vlC3sTAQ9FjDcnrVf91-kVhSoe6FTt7-ACiiXzTXEz_ePgzn9yr8H5DlhBgkCsh3WiWMpEAQNP9lLNpmBBcxDInIyXxmyX-l5alS7Lt_tKlbNxnOmhHiIAVF_yGcHWG7914ZWldI0K5FtaJ4EHbVIX2d6ejPIEeloXtQu9_xTf8GBfiL_Nsv20EArbmjjeyFbFTeNWbPEmQ1AopFFxY2zm6IFdLOVYZXAamqsXL5i33LrlFJ3APO___R1mkkHmMQUujrqE0QBq18hMwu5zT9Am88WU1701MSYKjNxmg9Quv3y6-gEST7mxMSrOxuWK0AAisSlP7cpiQhKxKNDgeu4zo_0dmJkQQxAzJcpyBB_yOFM-YPr5k2gIuiPHTHGV6xFPOmisfXQj1P2qf3MpCtCfmAEvodi1NVKsChtVkl6Cz1L3OAG0uSzdKZW9bNEV6NgL5_VjrxOrM0EWhsyV___8E3a4EDhTORvtJ9BOxR4kw2AL8X1PD5RnT2rZxspe60FnswTV4QfcyRPfjywBla-s82t-3yPI65JP4QjG7l4onNMN6pFXDpJHS_GcqEbV8Y9jyRDtHLSW8JpsHZ1P-qzq4cWg4bvPkHVvc982eAa4uUC6Jm4ZH1ZwJFyAk3MnreaDmVW5DCWn8Jnme7tKivBiUXQ9yB88SwKLzo-1LSRKhLh7lHYjbkQatxcEQ3qORJ4HoG2iZ0vfh7FLfaawBS5EtHxUr2LA64uzeHjo7aoJSMrNKtazL8wd3kkTNw_uOvlIKx-O5z3NIwehNQrDJQbk3NzHNpiiHVVCDO6px3Ct6MK9kaImuPDWh4-bS9TWPF0Ablmp6IgLMF5vzjSmMk7XYl_QCnHle_6b_m29o2X74z8Dr6pRYTp-DJiHH4Tjt9IQDZ-Gn_RA0NkID7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

SPug
simage4.pubmatic.com/AdServer/ Frame D43C
0
47 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7e8db8008544cb3a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ Frame 87D0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2373915998708392&bg=!y8ilyIzNAAbASn8N4Eo7ACkAdvg8Wgt_iCxkJ_4uI1e8c0RcZ-S7mcZZHTzbqyUih2Kt4WA0I1Qw3wIAAAGrUgAAAAJoAQeZAruUSenoqEwFdi-MQIFV1WJ3ZFRPNGujHOduNifmbJQ93ReLWWL1WHvehU-I0pEtU7W3lf96EDSqFeypllByGTPVK3Tf6I8vjV5oRcmWTjdQyV6MlETRs3rg97H4iZBptu7jmA_-p1zycUeDgDr0fiPJethQny2XjJU1QUrHmFTmhXgj7m7YPYYEzOixRQ_xV0c0Pv1dG1vz8hNK3lJ4KAw-TRTrye3A65iuowJsILXGLNZX1iswssJ47bHwW3tkGjl-mbvAGWVeAgghhPx6ndu4DEExfG0z_9wy0DjVl45ybrdk7jdjLLCRncbR_3puqgLZ_SVderanph_mo2_o-fxXtVGampTQoTHp05uKzcWvOqpcHjG_3SNIa9Zf5wmuA0_g4GxrAvwk02dOP5kVVBYEMFKbBwXZC74UWcL52Tch1Y5W6Dbd8xsj3mFMVU8SHFagayW0wY9ll8SmdDb-AdXFoFq3CP5nPgYh2KJx6vRd63_M9-Ojkb_5XXW0IVgs8VR1GsU3yvfBYyXniOeqvzODZ6UI33Z4vej_S8qTQBlap3PtzApi4PxCE_lbGkVrO2KR6oxffXSKtyzRz6HCRZoNLOK2ryfLus7bgw6MCBxcnEnbSBhSDJ8EnhGlXSyUdqYAwdn4EDHnFLtD2Q7N89CNO7G8Xcp3B_t3VqqXIAZzpg7DZyXAChCDSfhTtsJ9Xn5GQx83gW8hAwxjoaPxMYnsyE7IhbBfjzJFBUOvlzObPYdcOUsOh0yjjDJtvHJRcEQRppfcmV71hQ6pJxcEDOk_W2TAKp9B4nL0Ecs86eOjoBUGIKaMLTc3YDhksA8pNfPiQoqLF1Lf_7N-ySNuyslwpRRZdnt6IzqCLVJSejCD7GGU_4CcQf_onaesQ_6H6fx4gGQapba0ifatR1j4iI0xam1XbAGZqDVxo-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

PugMaster
image6.pubmatic.com/AdServer/ Frame 22E3
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28939524&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
82c5ada682ec68c6930789823a1006dd6bc50467a752b30132d30bb2751885dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1351
content-type
text/html; charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame FE72
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1655528431675
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6119977725
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6119977725
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 18 Jun 2022 05:00:31 GMT
etag
RX39d0b3bfb0fe49e79937f3a3bc4ada76003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6119977725
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 5A17
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Sat, 18 Jun 2022 05:00:31 GMT
expires
Fri, 17 Jun 2022 05:00:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 4A6E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HNu6hRnjQmdk4kVZmd_WhNmKxGM
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HNu6hRnjQmdk4kVZmd_WhNmKxGM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 19:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 05:00:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HNu6hRnjQmdk4kVZmd_WhNmKxGM
Pug
image2.pubmatic.com/AdServer/ Frame AD91
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=juG9l1HWCzWFEn8V8FutYg
42 B
307 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=juG9l1HWCzWFEn8V8FutYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Jun 2022 05:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:32 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=juG9l1HWCzWFEn8V8FutYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
um
u-ams02.e-planning.net/ Frame 0B29
42 B
103 B
Document
General
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7ed9cdc1beb8ef27&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sat, 18 Jun 2022 05:00:31 GMT
server
openresty
pixel
ps.eyeota.net/ Frame 2F19
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=13017b97dca19c34bbdb9ba112041a9f&gdpr=1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=26cb9f1e1fee4f6d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=26cb9f1e1fee4f6d/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent}
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi...
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d2f410214eaec4f6
0
344 B
Image
General
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d2f410214eaec4f6
Protocol
HTTP/1.1
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:32 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=d2f410214eaec4f6
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 2F19
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
Protocol
H2
Server
104.36.113.68 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Sat, 18 Jun 2022 05:00:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 2F19
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:34 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:33 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 2F19
43 B
500 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.93.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-93-140.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2F19
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.183.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-183-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:31 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 2F19
35 B
209 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.233.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-233-6.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
generic
match.adsrvr.org/track/cmf/ Frame 22E3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 22E3
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
0
0
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
Protocol
H2
Server
104.36.113.68 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date
Sat, 18 Jun 2022 05:00:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&addseg=11,34,40
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 22E3
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:34 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:33 GMT
frontend-id
11
location
/pubmatic/1/info2?sType=sync&sExtCookieId=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 22E3
43 B
500 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.93.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-93-140.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
generic
match.adsrvr.org/track/cmf/ Frame AAD6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5017687871
70 B
264 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5017687871
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 18 Jun 2022 05:00:31 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sat, 18 Jun 2022 05:00:31 GMT
etag
RX39d0b3bfb0fe49e79937f3a3bc4ada76003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5017687871
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 981C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Sat, 18 Jun 2022 05:00:31 GMT
expires
Fri, 17 Jun 2022 05:00:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FCE35E6F61AC44CA9A27F932D3162AE4
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame EAE6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6Q-IBnnbSjdR9V9okZdWmdmKxGM
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6Q-IBnnbSjdR9V9okZdWmdmKxGM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 21:07:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 05:00:32 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=6Q-IBnnbSjdR9V9okZdWmdmKxGM
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 22E3
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.183.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-183-195.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 6EBE
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=FnaQv_xFBbex3tZn8FutYg
42 B
227 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=FnaQv_xFBbex3tZn8FutYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 18 Jun 2022 05:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 05:00:32 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=FnaQv_xFBbex3tZn8FutYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
d1ba4609
rtb.gumgum.com/getuid/ Frame 22E3
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.233.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-233-6.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
csync
sync.adtelligent.com/ Frame 4D6D
0
407 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sat, 18 Jun 2022 05:00:31 GMT
Etag
589f7a4a25a5e1a0
Server
VertaMedia 1.0
sodar
pagead2.googlesyndication.com/pagead/ Frame F82E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=2096387545079407&bg=!QkGlQQXNAAbASn8N4Eo7ACkAdvg8WmVSJsPvRwypEdLal1kSBH2hOjf8iTBXxZCUUT1TPicyf9bBBgIAAADUUgAAAAFoAQcKADr6LOp7CSRTmcam-VKfgCI96PI8dpNIAry2U-61K3Z4cdISGrMWyz4CXQf7h1RQGJcsE1GOki_paXX4mQLU1TrclLHjGzm40bdvpixHLIcs7QRb971KCM2bi-2XZmqGEgHJETUE05oyrbRXFbcl18r7w-0RkI_scLtlOPhXHqeok_IW5vtBFeW6qi6RE6aHicmvhl_h4VoX_CM9XxC2yJZnTe0TqM__JNpGGVsAw--gpZixeQPQxUuPPsCew60dVKO6E95GkZ7THnsFP1O5M8TbQx8YdC60WqBbjLnxl7e1GgnLPtFNpAQRupwq6ATHKXtkCvMaL7qAs4-Mx3Ya0g9GzfZwLK3tf6-eW4VcUflNn2vgJGh8IBoUnz2fXhCdctNUiOHCJJ_UvUzJE3OzrX1Qofx3Yl2KS-blQR4U3b_0TtuMaBbuWL25rWJPwcAzt6GuT8yHt2EXeIYWhWaE0o5N6hxRVb7VB6EgwDYJfstKaCa9YYGBl2kg5nrwfkb6Si4RTK_yDr13p4ZRrL9r8_WVQl1JAUp1n07tMWxRlQU8FMYjhy7kpEiXA0MdRFE2Bdji-Gs4ARa5G-kfhyjB02KmaoAkq6RIMsdrP0KIzB5IOcBKZ83OFK00GjGXSz3gW_QFn8gS7tvGo5ipcadMz-2JfsFxIcXvRWlu8jyP64fLo-rXASlh1p7-eVu3fHlen7C_8V5CTYZ-vABHtrAD2iUzinEFhZsGMq1rQu5j-1W-cjA5CgdqbfK9EN7fdf4p4-be7MtLR4yHxglwCLacS19TUtUBcZXJeLg37MVWuG4xYL_Uh6nLnVStxwb4s9xA3BybBIpJCqhkmx8xknxqtFOX9cjnU0ehgisg_TuR6gl5Dx9b2TAwQEOYXCPSk8zVGY_tQtPijdtG_sI1yNNmpKQ2gCct1pEzKXJOQar-W-MLKSm3xIAYc1QXXQAwA0jNlpzvwhPEsyRoR70Br3gCb6fXjA-jA61OvgPc3GgcGmF4rTHmi1_3yK-58X1D1jliPxtGLm1UJyejMsYxmvg_oJ1HAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame D055
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstblRsm-8FGAYhclgYgj-yKSoj8pZzzn4eznwlECfnyrPswjWUB0IlQF2ugwWne3lgvC6Mao2lM0dV-EjXPpaavJlXrf7sCtg&sig=Cg0ArKJSzPW0K7mTDDVqEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3062569614&rs=6&la=0&cr=0&vs=4&r=v&rst=1655528428946&rpt=1951&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D055
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnpjx1W6LUfYi7pwozwjhkxjao51cgaEykEStwcMzJaVqaWAflCWTJ8HPfG9-K3dG_dQYg-CgD3QPGsrsen5DtYpaXcBA8HKTk2IAOMHQ15VkgTRrELRjZyVFNvxs&sai=AMfl-YQwGMPO-l1fZ-ULzqdafzJQoBNbCZNkYoTUW8ABvO2_y1LXqohY6-eBHMleftaCTHoW9zY2wI3xdXkszMNF8ZvKRSNVf7rgR9k&sig=Cg0ArKJSzHZPIZKBGyUwEAE&cid=CAASEuRohTW0Jl-Sw8nFVC_lKv6FBQ&id=lidar2&mcvt=1002&p=0,0,94,728&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1655528428946&rpt=1948&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2919
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJm56NKbTUXUG0BF6rP5ZflrrRiTKbUGbsrk1BIzioMnCKNOkxFioiJF0eHObDwwfXEID9SmMUFThMb8ePNsw400YbFDGU8g&sig=Cg0ArKJSzBhUylo-JfN1EAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3430571816&rs=6&la=0&cr=0&vs=4&r=v&rst=1655528428976&rpt=1965&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2919
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsss7BAiI6hi20sG6T4dsY7XlsMgszG2HqUr8gf1bqgzQybPwMELSY2HdZzVwV1yG4gRrLkGQlHd3luhsibpXp_R5UoW8_oy-9O2tdYtMsPfOEQonrfMiKGT4AHwbek&sai=AMfl-YRCvu8SjMe9LQTiVU5Tg-fJmQNy-pmefIE2vMislKPek03F3sbHkc_HMGowgpTnqlL38Y9mKoI3yFs4WaHS4ro7t5YUU_rwvYI&sig=Cg0ArKJSzDpKsb-nA50tEAE&cid=CAASEuRoMM1V4-13zEwU-UiO5PyYfQ&id=lidar2&mcvt=1006&p=0,0,254,300&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2159672584&rs=2&la=0&cr=0&vs=4&r=v&rst=1655528428976&rpt=1962&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame DC64
312 B
550 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32020021&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d594086269da364755f21fab9e106268cedbf7d487ea35f67c0c36126d131b82

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
312
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXyq,pingTime:1,time:1299,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1299,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:187,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXyq,pingTime:1,time:1299,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1299,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:187,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxXyr,pingTime:1,time:1300,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1300,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:187,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxXyA,pingTime:1,time:2178,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1161%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1017,o:1161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1156~0%5D,as:%5B1156~728.90%5D%7D%7D,%7Bsl:i,t:1161,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:206,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i1.1043867-63145720%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.33a44f13-a92f-b5b1-910e-68f6709d7858.40_10933%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxXyB,pingTime:1,time:2179,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1161%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1018,o:1161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1156~0%5D,as:%5B1156~728.90%5D%7D%7D,%7Bsl:i,t:1161,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:206,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i1.1043867-63145720%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.33a44f13-a92f-b5b1-910e-68f6709d7858.40_10933%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXzl,pingTime:1,time:1305,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D,%7Bpiv:100,vs:i,r:,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1006,o:299,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D,%7Bsl:i,t:299,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1006~100%5D,as:%5B1006~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:186,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXzm,pingTime:1,time:1306,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D,%7Bpiv:100,vs:i,r:,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1007,o:299,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D,%7Bsl:i,t:299,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:186,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxXzm,pingTime:1,time:1306,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D,%7Bpiv:100,vs:i,r:,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1007,o:299,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D,%7Bsl:i,t:299,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1007~100%5D,as:%5B1007~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:186,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
um
u-ams02.e-planning.net/ Frame 5A37
42 B
103 B
Document
General
Full URL
https://u-ams02.e-planning.net/um?dc=a208d9366469aa64&fi=7ed9cdc1beb8ef27&uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Sat, 18 Jun 2022 05:00:32 GMT
server
openresty
/
io.narrative.io/ Frame DC64
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
  • https://io.narrative.io/?io.narrative.guid.v2=94c5b0e0-eec3-11ec-a9a5-06119d0d8b4f&companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
0
247 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=94c5b0e0-eec3-11ec-a9a5-06119d0d8b4f&companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Protocol
HTTP/1.1
Server
52.208.25.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-25-247.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 05:00:32 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=94c5b0e0-eec3-11ec-a9a5-06119d0d8b4f&companyId=673&id=pubmatic_id:EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Date
Sat, 18 Jun 2022 05:00:32 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame DC64
49 B
279 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.14.190
content-type
image/gif
content-length
49
x-consent
absent
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxXN1,pingTime:1,time:2779,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,r:,t:1778%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1778,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1773~0,0~100%5D,as:%5B1773~300.250%5D%7D%7D,%7Bsl:i,t:1778,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:33 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxXN2,pingTime:1,time:2780,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,r:,t:1778%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1778,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1773~0,0~100%5D,as:%5B1773~300.250%5D%7D%7D,%7Bsl:i,t:1778,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:33 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
SPug
simage4.pubmatic.com/AdServer/ Frame 2F19
0
47 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D7ed9cdc1beb8ef27%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 22E3
0
47 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 05:00:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=ffd79433-8493-47d3-771a-e688561285d6&tv=%7Bc:fRxYAR,pingTime:5,time:5294,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:225%7D,%7Bpiv:100,vs:i,t:293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5295,o:0,n:293,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:224,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B86~1%5D,as:%5B86~300.250%5D%7D%7D,%7Bsl:i,t:293,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:183,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.d48ddb93-4e33-5167-1b65-b6445bf05481.38_1043867-63145720%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:36 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxYB6,pingTime:5,time:6178,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1161%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5017,o:1161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1156~0%5D,as:%5B1156~728.90%5D%7D%7D,%7Bsl:i,t:1161,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5017~100%5D,as:%5B5017~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i1.1043867-63145720%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.33a44f13-a92f-b5b1-910e-68f6709d7858.40_10933%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:36 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=165b283a-4bfa-1471-43d9-ee2ecaae944e&tv=%7Bc:fRxYB7,pingTime:5,time:6179,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:34%7D,%7Bpiv:100,vs:i,r:,t:1161%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5018,o:1161,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:34,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1156~0%5D,as:%5B1156~728.90%5D%7D%7D,%7Bsl:i,t:1161,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5018~100%5D,as:%5B5018~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:183,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.1043867-63145646%7C1d11%7C1d21%7C1d3%7C1e1%7C1e21%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1g%7C1h%7C1i1.1043867-63145720%7C1i11%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.33a44f13-a92f-b5b1-910e-68f6709d7858.40_10933%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:36 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame D055
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=33a44f13-a92f-b5b1-910e-68f6709d7858&tv=%7Bc:fRxYBN,pingTime:5,time:5301,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:227%7D,%7Bpiv:0,vs:o,r:l,t:268%7D,%7Bpiv:100,vs:i,r:,t:299%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5002,o:299,n:268,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:227,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B56~1,0~0%5D,as:%5B56~728.90%5D%7D%7D,%7Bsl:o,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~728.90%5D%7D%7D,%7Bsl:i,t:299,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:184,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1*.10933%7C1d11%7C1d12%7C1d13%7C1d14%7C1d15%7C1d2%7C1d3%7C1e1%7C1e21%7C1e22%7C1e3%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1.10933%7C1i11%7C1i12%7C1i131%7C1i14%7C1i15%7C1i16%7C1i2%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1d1.165b283a-4bfa-1471-43d9-ee2ecaae944e.18_1043867-63145646%7C1d1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:36 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxYPx,pingTime:5,time:6779,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,r:,t:1778%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1778,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1773~0,0~100%5D,as:%5B1773~300.250%5D%7D%7D,%7Bsl:i,t:1778,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:37 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 2919
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=d48ddb93-4e33-5167-1b65-b6445bf05481&tv=%7Bc:fRxYPz,pingTime:5,time:6781,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:29%7D,%7Bpiv:100,vs:i,r:,t:1778%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5003,o:1778,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1773~0,0~100%5D,as:%5B1773~300.250%5D%7D%7D,%7Bsl:i,t:1778,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:184,fm:t95azLA+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C191%7C1921%7C1922%7C1923%7C1924%7C1925%7C1926%7C1927%7C1928%7C1929%7C192a%7C192b%7C192c%7C192d%7C192e%7C192f%7C192g%7C192h%7C193%7C194%7C195%7C196%7C197%7C1a1%7C1a21%7C1a3%7C1a4%7C1a5%7C1a61%7C1a62%7C1a63%7C1a64%7C1a65%7C1a66%7C1a67%7C1a7%7C1a81%7C1a82%7C1a83%7C1b1%7C1b2%7C1b31%7C1b32%7C1b33%7C1b4%7C1b5%7C1c1%7C1c2%7C1d1.1043867-63145646%7C1d11%7C1d12%7C1d13%7C1d21%7C1d3%7C1e1%7C1e21%7C1e22%7C1e31%7C1e4%7C1f11%7C1f21%7C1f22%7C1f3%7C1f4%7C1g%7C1h%7C1i1*.1043867-63145720%7C1i11%7C1i21%7C1i3%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1m6%7C1m7%7C1n,idMap:1i1.ffd79433-8493-47d3-771a-e688561285d6.71_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.170.188 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-170-188.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 05:00:37 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.admixer.net
URL
http://cdn.admixer.net/scripts3/r/vast.js

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| _gat object| gaGlobal object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding object| hb_dmx_res object| banner1550_65172291402423224 function| html2canvas function| _open object| ap_br_img number| k object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

155 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: eaef3e8ad51b439f8299d617ffecd440
.zdorovia.com.ua/ Name: ngTrackID
Value: 3227c2ad3a65b1a445177d4de6b29d89
.zdorovia.com.ua/ Name: PHPSESSID
Value: rffp2h0upjuj1c0qcdqf3vh884
zdorovia.com.ua/ Name: b
Value: b
.youtube.com/ Name: YSC
Value: SM9UsVPrc3M
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: -pn0aMR--nI
.zdorovia.com.ua/ Name: __utma
Value: 148597372.1386756890.1655528427.1655528427.1655528427.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1655528427.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1655528427
zdorovia.com.ua/ Name:
Value: store.test
zdorovia.com.ua/ Name: session_id
Value: 94d1eccc-af03-4a50-a207-7da9100d5cf5
zdorovia.com.ua/ Name: site_visited
Value: 1655614827.1
a4p.adpartner.pro/ Name: apuid
Value: d9e06798-a675-44d2-8df8-20d92f975ccd
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: FTID
Value: 1YhLlh3BxK8L1YhLlh003MAx
.yadro.ru/ Name: VID
Value: 1caUIi1EWxeL1YhLlh003MBZ
.ads.go2net.com.ua/ Name: am-uid
Value: eaef3e8ad51b439f8299d617ffecd440
.admixer.net/ Name: am-uid
Value: eaef3e8ad51b439f8299d617ffecd440
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AA7CRTmkhoAqAcvF
.adform.net/ Name: C
Value: 1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 0205e699-1718-52a9-b1ab-9cc6d306c72d
.betweendigital.com/ Name: ss
Value: 1
pa.tns-ua.com/ Name: uid
Value: Z56B3E6DAE674F78A0A0FC380DB57CEB
.adform.net/ Name: uid
Value: 5771192511099334769
.adnxs.com/ Name: uuid2
Value: 8890989073348379753
.lemmatechnologies.com/ Name: uid
Value: 9238933f-eec3-11ec-8728-801844df0ab8
.casalemedia.com/ Name: CMID
Value: Yq1b7CMSAqsT5-pQYqA69QAA
.casalemedia.com/ Name: CMPS
Value: 671
.zeotap.com/ Name: zc
Value: d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
.exchange.buzzoola.com/ Name: uuid
Value: 33291eef-aea6-4455-55a7-85882921079c
.openx.net/ Name: i
Value: b00faf1c-94e7-48f2-bf21-122eb396c63f|1655528428
.casalemedia.com/ Name: CMPRO
Value: 301
.creativecdn.com/ Name: u
Value: NGHHUe1AjHMuul7kFK0n
.creativecdn.com/ Name: ts
Value: 1655528428
.tapad.com/ Name: TapAd_TS
Value: 1655528428269
.tapad.com/ Name: TapAd_DID
Value: 0302529d-d3d6-4f39-bd6a-07115ec66a7f
.yahoo.com/ Name: A3
Value: d=AQABBOxbrWICEJhgGbq_K-fhD0jATuA978sFEgEBAQGtrmK3YgAAAAAA_eMAAA&S=AQAAAkOFg6c21pMithiR2tgQexc
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bidswitch.net/ Name: c
Value: 1655528428
.bidswitch.net/ Name: tuuid_lu
Value: 1655528428
.bidswitch.net/ Name: tuuid
Value: c5992057-d116-475f-a56f-fd26a216474a
.demdex.net/ Name: demdex
Value: 22777325864304179063780404123747324637
.360yield.com/ Name: tuuid
Value: b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
.360yield.com/ Name: tuuid_lu
Value: 1655528428
.tidaltv.com/ Name: tidal_ttid
Value: 9fd7238f-dd73-4f9f-8b51-d3bd1ebcbf0d
.adfarm1.adition.com/ Name: UserID1
Value: 7110440455866742923
.dpm.demdex.net/ Name: dpm
Value: 22777325864304179063780404123747324637
.weborama.fr/ Name: AFFICHE_W
Value: rhcCDtioX4yu62
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjQ1sjK0MAIApj00MAkAAAA="
.doubleclick.net/ Name: IDE
Value: AHWqTUnMJC8sug-ml2N24bW7kJ4jzaorBMqgNFbWJSeFktTsaaAAQIc3MdsrSUDoWP8
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
zdorovia.com.ua/ Name: lapuid
Value: d9e06798-a675-44d2-8df8-20d92f975ccd
ads.avct.cloud/ Name: uuid
Value: aed88965-cc67-40f3-bbcc-51bbcc9b8863
.agkn.com/ Name: ab
Value: 0001%3A533JzPfk4KjsBHZYgIlVk2AGxwwo%2F6Xb
.krxd.net/ Name: _kuid_
Value: O5616bQX
.richaudience.com/ Name: avcid-zeo-uid
Value: d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yq1b7AAJwvaGzAAo
.betweendigital.com/ Name: ut
Value: Yq1b7AAOFXhZw1-6wq6U7rVchiRmPuQbxyv79w==
zdorovia.com.ua/ Name: session_pageview
Value: 1655528429.3
.zeotap.com/ Name: zsc
Value: %0E%9F%3A%9D%AF%FB%E2%211%97%C78%DA%B4%7F%3CHB%5D%BA%B2H%A3%80%F1%C0%955_%2B%84%B8%82%91F%D9%90%07t%C7oHvb_%10%05y%E5%CAb+%DB%21%14%ABo%E1%DF%D8n%FDZ%28%D53%ED%94%21%14%81%17%02%83%C9%08%87%B8%CC%8Co%94%80NF%EF%8A%80%3B%12%17%B6%E38%7F%7Cn%EB+%2F%1A%91%B4RXl%A9%3C%05%1F%F1%A5%A6%1D%27%CC%064%EAYbB%156%97%D3%26%DFZ%27%C7%D1%8E%AD%15%86%DEj%EE%BFq6%DD%D5%0A%1E%F4%3A%DF%BB%EB%94%A4m6X%02s1%DE%3B.%7D
.zdorovia.com.ua/ Name: __gads
Value: ID=5f9f211e498bb6ad-2269f9f8b4cd00b0:T=1655528429:RT=1655528429:S=ALNI_MYpld_99QHAlR8MmVH5nele_uBvWg
.adtelligent.com/ Name: a584890
Value: 8890989073348379753
.adtelligent.com/ Name: a319130
Value: 5b76564d-22ef-4297-b56f-11b820420fd9
.fwmrm.net/ Name: _uid
Value: "o1e38_7110440460153359950"
.adtelligent.com/ Name: a307558
Value: d9e06798-a675-44d2-8df8-20d92f975ccd
.adtelligent.com/ Name: a307971
Value: AA7CRTmkhoAqAcvF
.console.adtarget.com.tr/ Name: vmuid
Value: f46b4e9de06a6769
.console.adtarget.com.tr/ Name: a307457
Value: 5771192511099334769
.spotim.market/ Name: vmuid
Value: 589f7a4a25a5e1a0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adtelligent.com/ Name: vmuid
Value: 589f7a4a25a5e1a0
.adtelligent.com/ Name: a297253
Value: 8890989073348379753
.eyeota.net/ Name: SERVERID
Value: 22699~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESEK9PHSPwcXzeZXGvBZSJwzk!20210804!1655528429494
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~25is:18z8~25is"
.admixer.co.kr/ Name: __auid
Value: 0f372de76c78591138aea8cdb071859c
.admixer.co.kr/ Name: __puid_103
Value: eaef3e8ad51b439f8299d617ffecd440
.admixer.co.kr/ Name: __id_utm
Value: 20220618
.admixer.co.kr/ Name: __id_inf_103
Value: 0_eaef3e8ad51b439f8299d617ffecd440
.adtelligent.com/ Name: a309255
Value: 5a7d1f8a-84ff-44ec-8e7b-1ad356ea374f
.acuityplatform.com/ Name: auid
Value: 675823621855
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQF0lcUGmmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUBdJXFBpo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.audrte.com/ Name: arcki2_adform
Value: 5771192511099334769!20210804!1655528429571
.audrte.com/ Name: arcki2_TTT
Value: 1655528429572!41hbWGgowElQm2avfzXj83L0A!H4sIAAAAAAAAAE2WPZItJwyFF0NMFQiBIHTgwOWyA9fbAAK0/yW8rydycqvnTl+Qjs6PynjS7j75ylu5he+8pO7sq53b25Wonpbd1UUlW30j69qS17aS21K/57x5n6XqRaLryaLbs75683pRst4RrZ7oHiu1ISPG1vze4ffNb/ZokW0sDrv7tiVpnLV13Z4tpuT2BieV4IkbCi/euleqodLlUs6mZvWx8hQK8+FL3hxqdSUfUuu6NXNkzzpW5N3rpLt37NJgRE0tXjSLk8uITk+x8hr75bvq6zrK5IAkZ0WUMrI956VeX97VOYlahvcS58x07pxezsjA8LKe2bJPChefK9rtS8ZKx3qV0iPH9UN3tvMcXvKYrUWoV1pJsdyecIluWRReJO8ljGX2em0Xa2+nPc/li5lfYYBA0Pn/GFmK9FkBoLSRODY8imbrNhmwWGZqQeFMgnL10p29Nu4DJwEJcG50N/loY/h8pZdLTYNxlTNLtrIUFjzP3l/P81hhkHbWnWm8d2GK5Q5sWTsQrXMt01x5/sotfgBzrl0Z8PULVfQ+EHeOMz1jadEaPUUdNqQw261BTVBhl6dZxvFbZO/VT9I632z35LGMcl8JqKIFUo1T1aU2lfT8jn0+0goQ6V08tblzlbNhpfp5kq6uGod24g5gX5DS2yj5oIRXZqeVlqwArQ/oq7dlLYOafdHdqJB6j/XNTitdFYW0ymy02slbxsyD8/u0e0vryWhfaS8v50M3iO4oNfvrTarNfm9Lf/37zx///f3nrywm31iLLlvprVrQJT/YjTnYZgSVnnep+/qzMudKSw7CQDn+kKSeNvK0Ax/L6Tq3+/RIr/tuCz3cZpz03s77nshFm1pvXZpEQvshi+usXV4qPvJ2Ln51zA9ZdHETp0If1P7jJa1Uqrtfz6bT9hyh9tKuIqUGkg00pvKj6wnivZbRqWkUSK3mp7SVR6NcdaWm0T3L6UdvRSKyksRcME0Z+4FAgpAmw8sTatudrSCr1HZ9Hug69jTuHF/hCMHpA/bfd7wnrz3kXqj62ZC+j69z0cfppS/DcaSlgwq2GOWMA5hXIJD5yi+uPkVgRSdgtsv9zKkFx6EavEi5GKsp1VptUtLYrrW9k9+kJux15d3g0+qGKRTHZjw1baMHXnOO/FzHFJt/pBwy39rYaaSIXQG25HeaoCFYsI68fGS72RyoXlKlodp6g4BoUOcntP79Zp+3AMTqGUk6nPmGgdp5STHJeT+cRhnT6b9Zw2vmPiIB4vPzGkeNuziziXK3Ki5JTkyQ8IqNMEuY3w+6nsAu3McD/HypcCz8gq+f7tuPg/C7PLXq0YCAfSfeYcSLMLJXmc0XS5geb46+ot5tAulet22QMpZRuOnXJ8xxAqp9/tb2Szgv1GDAxNRXkwk3ac3w9ONK6afjNZ1jVvM8/DHl3k72L1Zw+P3BsLxaoumJtPCaI9hIK9SMR+EqJRiPTfOb6AzLDvzPByfxPjbAS/jTjU7oyPCkiM87YJJKnpviX764roTz9eW5t09SWyE9apofH9fM0z+TfDvqKmOLfoUjE1PEaQxDAxME45aP7Vbtm2/pCQ5T+SGsjGxSb4CpkGaQEfC4K1NLCpVbB8yh8kUtfJv8neMwLVmk5ov0+QhJ3HN/G2vDg0Hcau4AsHjo+HLSAm8JR1xFPjCRKVngHFeu9zrqPD/X7Yd4iDVyQHWSzDpqLlw6e/D5mN370rACZpQPTIjsV2cmfXd4wY2/jLe1CO6e34Ig7aAr/5K3smvgcpUIaIiTReBiKIaGQNS+xMH4hIxf8x4bOzhp8vfnWsD3+RPVPUg1/QQBWUC0pElYVPyWDUjIUzaVvA22Uwa6G28e3P1MftiZ7ced3D7P20P5c4ocVhzWjf+5u5KNWDyv1nQkts+z4acNDII4npvR4wKG5B8Dewn5ermHCRIMIFy/7QBT2Y+g2fPhXY0E6KVM/1gz8W1WFhTLWuNl0SbUcC1pB9Z2cUYXFN3QH7I3EqDZfTXC3x3pnT32JX/7+nafR1bMfjDvsECUdROZ6VtPyu2c3z9Zt1axGlaERR0C1BrYX2FRWTgM/AtkzXOeJXbGYMmxs0Z/E8Va2Rh3fvdz23ifxFhO0ZLRJRtkm4l9yoghCg/WosbWx00E9yLGsRMnZV+6pHiwdbHMLNQBPwGDkGOc03oMZWlJ2CNBin32DT/apRxQ/DLz3kNM1D5q6m4VG+kfhPVjImceHLrUyxZ32DYMIz1GYIDe+9ZgxQ0pvPNSeUdM5bFopH1QMqsURo35k7OAcePlToBiRnChImv0hrJnrgDyqeNr7KCDFkvi1bavJEo5WCT7mPQvJti60b7gIteVE5BKJSYQ4Sehi0jIIqqjA/Ln8Ebc26veJD9eyLdtdoyUHY21hugRSNnPjG/kvwE1zQOiKQwAAA==
pool.admedo.com/ Name: tuuid
Value: 338f4f5f-a8e6-4695-9669-71dd34e1ec0a
pool.admedo.com/ Name: c
Value: 1655528429
pool.admedo.com/ Name: tuuid_lu
Value: 1655528429
.spotim.market/ Name: a323548
Value: 8890989073348379753
.simpli.fi/ Name: suid
Value: FCE35E6F61AC44CA9A27F932D3162AE4
.adtelligent.com/ Name: a289656
Value: b4aa3df4-0a31-4bd3-b7fb-2433e7b3325c
.adtelligent.com/ Name: a323546
Value: Yq1b7CMSAqsT5-pQYqA69QAA&301
.turn.com/ Name: uid
Value: 3699384941058415959
.adtelligent.com/ Name: p440467
Value: eaef3e8ad51b439f8299d617ffecd440
.w55c.net/ Name: wfivefivec
Value: 5tBk1kwx1O2qzr5
.nrich.ai/ Name: _nauid
Value: ff903a9a-97d4-4f9e-b0cc-669591a9b4e2
.w55c.net/ Name: matchpubmatic
Value: 5
.bidr.io/ Name: bito
Value: AAJjQk7FWrgAABS2_Bl6yg
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8890989073348379753&KRTB&23339-8890989073348379753
.quantserve.com/ Name: mc
Value: 62ad5bed-b9137-74573-098cb
.console.adtarget.com.tr/ Name: a318342
Value: f46b4e9de06a6769
.mathtag.com/ Name: uuid
Value: cad062ad-5bed-4600-9a34-dc28e18bdc19
ads.playground.xyz/ Name: connect.sid
Value: s%3A-IydzbutM1qduNaH9gJLSLYP2600JjnF.EKsS5g7RFMnLRGSL8u8x5sFlflp0E%2FMFuYwVjVOICuk
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?hwQwua!]tbPl1M>e)ZlrFUfJ+tGXxp6LaTY*Pn<$a:+#DiN[[l.IOLqaOyzM4BKsgz3If)y3KL9D3I?+dmE4/6
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEOCsErcc7ilZrLKa6HT4bIM&KRTB&22987-CAESEOCsErcc7ilZrLKa6HT4bIM&KRTB&23025-CAESEOCsErcc7ilZrLKa6HT4bIM&KRTB&23386-CAESEOCsErcc7ilZrLKa6HT4bIM
.quantserve.com/ Name: d
Value: EMoBDgG0JoEO-TA
.inmobi.com/ Name: idsp_c
Value: 7ed9a0fd-ebef-4282-878f-df286dbac497
.casalemedia.com/ Name: CMRUM3
Value: 2d62ad5bed2760
.ipredictive.com/ Name: cu
Value: 9352bfff-eec3-11ec-8c0d-337669439089|1655528429935
.tribalfusion.com/ Name: ANON_ID
Value: acnseFr2PKcFuYnRYa73ZcKxlZahZdLoOs5x8IaXk5nbfnWFSwyOcxH1i7htMn0GA4yfL5Zb6Zc3s7dPUQyG1mGgZa
.rlcdn.com/ Name: rlas3
Value: I2St69oynOxcO2klpIpr4YW4H2m8PpP7B1ufmSSZ5FI=
.rlcdn.com/ Name: pxrc
Value: CO63tZUGEgUI6AcQABIGCOndKhAA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP&KRTB&19420-U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP&KRTB&22979-U0PoR1AT7EdIE7ASVkakFFFEvhBIQbAbBhPK8QkP
.mxptint.net/ Name: mxpim
Value: R1D530_F1A5DCA6_C629DF7.1.000000000000000062AD5BEE
.audrte.com/ Name: arcki2
Value: 41hbWGgowElQm2avfzXj83L0A!20210804!1655528430865
.agkn.com/ Name: u
Value: C|0GEAAAAAAKkAYbwAAAAACAQ13AQEAAQpAAAAAAAEABwAAAAABo2uw__8eAAAAAAAQ6jQAAAAAFAYbYwAAAAAKO3h1AAAAAB94TosA
.casalemedia.com/ Name: CMST
Value: Yq1b7GKtW+8A
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2022061805003100096584370556
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62ad5befd28f84ad
.addthis.com/ Name: ouid
Value: 62ad5bef0001c0c00bf72d6992df303db1e3955360044ea8dc3d
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220618
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.fiftyt.com/ Name: fifid
Value: 8f68a124-72e5-4a47-7495-5ea2aacc818a
.fiftyt.com/ Name: cs
Value: MTY1NTUyODQzMXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fF_cvaNhzSKxTHd8nUCdOoILWgGmfR5BGE8rY6OPcJ5B
.onaudience.com/ Name: cookie
Value: 26cb9f1e1fee4f6d
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: SyncRTB3
Value: 1656720000%3A8_240_5_96_166_22_55_165_3_99_239_220_56_234_189_104_71_233_178_204_13_7_176_57_21_222_231_48_54%7C1656374400%3A63%7C1658102400%3A224%7C1660694400%3A69%7C1656806400%3A35%7C1656115200%3A15_223_38_2
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-39d0b3bf-b0fe-49e7-9937-f3a3bc4ada76-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.onaudience.com/ Name: done_redirects147
Value: 1
.fiftyt.com/ Name: fppm
Value: 20220618050031
.onaudience.com/ Name: done_redirects104
Value: 1
.semasio.net/ Name: SEUNCY
Value: 537778F805FA3A03
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.onaudience.com/ Name: done_redirects162
Value: 1
.adtelligent.com/ Name: a281178
Value: EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e90f8806-79db-4a37-51f5-5f6891975699.H6PpnnjJcHHkb3t67i5AQapn6rLrbdT5%2Fccavnx6D1A
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A6Q-IBnnbSjdR9V9okZdWmdmKxGM.JkbhbcfocGMZ87amE7e1Em0LBBD9sD3MCgp70EorCJc
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156631:4
.pubmatic.com/ Name: DPSync3
Value: 1656720000%3A245_228_201_197_219_236_221_226%7C1655596800%3A174%7C1656115200%3A164
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1655550032216
io.narrative.io/ Name: io.narrative.guid.v2
Value: 94c5b0e0-eec3-11ec-a9a5-06119d0d8b4f
.c.appier.net/ Name: _auid
Value: FnaQv_xFBbex3tZn8FutYg
.pubmatic.com/ Name: PugT
Value: 1655528432
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-FnaQv_xFBbex3tZn8FutYg&KRTB&23130-FnaQv_xFBbex3tZn8FutYg

12 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: http://cdn.admixer.net/scripts3/r/vast.js
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://tags.bluekai.com/site/87734?id=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=d29c1f50-d7d1-4bbe-4dd7-6f17930ebcf0&reqId=f8a62767-261a-4de7-613c-a62eb94e3f16&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://idsync.rlcdn.com/420486.gif?partner_uid=EB23AA9A-38DD-4D6D-A333-539FDFDFCF13
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v89.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v89.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.go2net.com.ua
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.adform.net
ajax.googleapis.com
ap.lijit.com
aud.pubmatic.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
c.bigmir.net
c1.adform.net
cdn.admixer.net
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
counter.yadro.ru
creativecdn.com
cs.mobfox.com
cs.yellowblue.io
csync.loopme.me
d.agkn.com
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
io.narrative.io
js.cookieless-data.com
loada.exelator.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
r.i.ua
rtb.adentifi.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.ipredictive.com
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
cdn.admixer.net
104.102.28.254
104.111.242.245
104.18.2.81
104.36.113.107
104.36.113.68
104.45.178.220
104.89.45.32
104.92.74.8
141.94.171.216
142.250.184.226
142.250.185.70
142.250.74.194
143.204.89.56
144.76.118.233
146.0.227.107
146.0.227.109
151.101.193.44
151.101.194.49
154.59.122.79
162.55.236.225
169.50.137.182
172.105.203.31
172.217.18.2
173.231.181.122
178.250.0.163
18.156.0.31
18.198.126.47
18.210.31.151
183.110.238.136
185.184.8.90
185.29.132.245
185.64.189.110
185.64.190.79
185.86.137.131
188.42.191.196
192.82.242.209
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
198.47.127.20
199.115.119.227
2.20.157.55
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.19.147.44
216.52.2.19
23.205.235.133
2600:1f16:e61:3f02:8513:7dd7:332b:6625
2600:9000:236e:f400:8:48e:53c0:93a1
2606:4700:10::ac43:db6
2606:4700:4400::ac40:98f5
2606:4700::6813:ac6c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9d
2a02:6ea0:c700::19
2a02:fa8:8806:12::1370
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:24:b002:9c86:618d:a8aa:eb77
2a05:d018:d29:3602:1396:457e:6f4c:9f77
2a0c:5c81:5139::2
3.120.214.218
3.216.198.78
3.68.169.133
3.81.232.90
34.102.253.54
34.111.131.239
34.208.170.188
34.241.232.111
34.98.64.218
34.98.67.61
35.157.1.22
35.186.253.211
35.201.96.126
35.210.53.219
35.227.248.159
35.244.174.68
35.71.131.137
37.157.6.241
37.157.6.245
37.157.6.247
37.252.172.250
37.252.173.62
38.27.122.101
38.67.14.233
38.91.45.7
46.249.52.248
5.178.65.245
5.178.65.253
51.15.145.115
51.68.39.188
51.83.220.94
51.89.9.252
52.18.233.6
52.201.183.195
52.208.103.128
52.208.25.247
52.222.139.112
52.30.64.95
52.50.170.21
52.59.94.57
54.145.48.80
54.210.33.215
54.229.65.185
54.239.37.45
54.72.207.25
54.76.64.233
54.76.93.140
54.80.163.3
62.149.0.72
66.155.71.149
66.155.71.25
67.202.105.32
69.173.144.138
69.173.144.139
69.192.160.219
77.123.132.26
77.243.60.138
8.2.110.114
8.2.110.206
85.114.159.93
88.212.202.52
91.210.190.92
99.80.238.5
00a42a3f93c0d989a715e5e3625caa7102bd6e85ec6d6bbcf6d666c3c2ca1c2b
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01be294156c8acb3762d3790f451b165b9cd4d1123ed7ec7c060aecb5c345a38
0248d7c751e5cf041251a64fcb1bdc4da8ede013e07bb06efb3737389374c67b
033a53416c1a8de97aa263b853cccc6c938fabce45a09a6938f963368b674c1b
041b720a27ba9cd900698269aac9715cad486a2e6fd636c0f552b13db85dd618
04f03301da92131889e42b6df23e9e33b0ba12e706ee463b32a22bdf7551856e
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10ace273fe1b5fd75ff60b49ac8538aaa7146b6657aefe6b6b7caea2e145143c
116ecf73c63439f961f84e512b10db82b11998362367b48c5daed9672e002c12
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
126f811e0afe1b7f004f3edbea475094a2c22939e1ecfcdd0a7e86feabd4da27
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14826ac7e71aa382242c9411704b011152300bf40e1627595076a2480280b8af
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
164af201f5fbd33692ad8492c4b6fbb086826e7abdecbf9709ff144060540fdd
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b599314de4de0c9b6328caf1b7a000264104d924783652feef6e3723cdf7a1a
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1b9d3e2ada8a87ba2d19833bdeff4fe6b465fe69f698458441e0e33cc6760a34
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1ddc22e9d23840a7b5d4f182317729bc3a78999d146651a19ee891e1524f82e8
1e6a0c64b4a7981aa23428a74a873d07e312a7999336272d049e2b28cd37c92e
1ea884399a98d6eb39dd9052e1b92f88bfe3570a2ccedba802c806dde93793e3
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9ad127c49eeaf97da6e47928b0f38fdb897cf9531abb9acc167e4406c0fb8d
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
3081fdb997550e1b562838d4d04e31fb73a67749cda8dec8c58cf9381a91e955
318b465c266078e1fd5ee3a2abf43aa238f70bf53f6b4716f317f1035b606aa5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32aefdfce89c4a4696f3e8619b5e8943eaea71f5532723df2d84a67e1eaed8d0
3322e4697d424c705cfe921a4086dbb13982e9265276ced4e8a002ba6da78bed
36a8da27761c6a7da49ef118a7fddebe35de19ba42686eb05cb25d47cd8bbecc
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3a49ca12d6a5e621c12c4747d0c6fcd7876a5b71cc4c34c11b07f92f9563207e
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d130e5e3ac56a96f4a30983edc991604d52492088e772164395588ac4cd4cf
417dbce419383072377a955804304271ad17feb16889c06d05023898df3b6a49
42664f9e0f4f18a21091f2eddca5d06ab4a1cb832d47eae22cbca6a6dcdceaa7
4440b4ee008d9f1725a1df1257da07a2d2d6aa238e4b9569cff88dabcc240a9e
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
4808ac5d99ea06411190f330780a3f8d8bf96b3e433137fa64bbc4307b6788e3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
498e70d10508acefa3670ef3a1de3a9b252fede49222f69ec64d5b8ec66f5653
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb2c41996cfb9e06eba6db293774f4245d45f82356e7827dc14ca7782781ae4
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fa54724a400db40d8399022a241b22fdf7cd972799ae5024c7c630b70956c75
4fda904937d6614ea5e77748233c6694ad9387b66126b14b2a40aa0786e47d9c
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
543e9f02671e13d4e6fc561d24865c9c91019a7a3c82a9fd6224c8bc5bb3d577
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5b406f9836e39bcde1407fb83870e3dd8bf4ec3a7138667a896f9d0550623ead
5c648b0b18c0625108e728131807e2ea6cb26708931c7f8f13e4d419589a146d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1
67f2309f738daf8efbf8a4553ffaccad9a09af416d0928436c6eebcbb82a8b80
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6878cc39c6cc495ccec724032941f9b04f0ca1652d6d6913719e3bede04b00f8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
713b1f4af50233e8a002ae691629fe3a3ff822aa59549efa3b12edba2742e8c2
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
71fc8608a89562a2d3f01432fe9119be5591770b3009203536c1411186197e62
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7eb5fad81b9af9a0fa3f5574dbc0294f8babc522f2f44f31ec9ef54f983ca557
80286e0801df9518d1d1d1181974c1e7b0dd6e73c6f39db55967e215d41a2d91
82c5ada682ec68c6930789823a1006dd6bc50467a752b30132d30bb2751885dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83924e1048daf674ec6d237889a0afa30392cd58147e9dbbcf672ba58840293d
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
8749f0e5d877970a6e18f0f54255eaa8556203435950b181f4c6bcb7fab6f5f1
899d15258aeeae0290bc6105c829ee74ea051be865c11c40f4d62a627d225f7b
89fd4af64417c1e293ed1eacc3059b01562fa8257c797fc0139fe8563f724195
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8c046437526bcf825118fdf7807de310d676badb0d699e9f5c5f75ba74567577
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
8eee7b34356fcf9fe076bd973b7f78014097060ab9482cb5dcd53628e32e2be0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f0d370040854764327b438aaa978105ba66f1d22a2d16f8abf56fda88cbc10f
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
8f8e518cd706f3f6c743f964efa6f5cf3a4f2ea5b589694dec8ed2295b4f2bb8
9043a9e2e52540b62b0cf26876c12deaa90f9a823e3c086289ad60da9acffe92
9512d278447b44b098b5fe881370420b8b041939444a591b5eafd1e6e071f5b9
9538fee78ddf1caecfc4a79c15698666bf4389559e4d7b1e2ea7ec88ab21c075
973eae95fe89b961d73d4c9bbda445bb635a1f612344a3a856ddf7b14ada3a82
97f32e91299bde607792073c91ef8126fed3cad7fd85fac03fd7ec491925c778
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e1f7f30256ab164bcd52ba6331097ae879d262b8aa2b664f507ef6c0db7671
99eb6feb78c4ee3e06191b8f3c7e6ae11f64259d2c13cc5278b6ff011e81e6e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7111762386df8ae32f24b77c4c06dff3a93ced7c881107844042a4d680c698
9c1b12cd0b9f4b2c59c8680c5003baa750b6a91ef78f86d2ca38167b6796ec7c
9fbad9dc1e6fef17269b949d872b1f58ffaba7e151fa7673b86c684563c35d1b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ce86b84eb7fea4333f16d9d5e38f1f3c51e9b290e91e026237dcbdaf6d4eff
a1f355917975294d469cc0cc61fba71e7130332b31d32ffc9c1f7885fa536da4
a25d6f11535532e928c979bcec6cce4a3b573affee1914d560dcc79ea33f8ae6
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a2b25b3a0039520af25c01dd7f6369a7eb6f9290ca4f834ed16a5a7c7fd15340
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a47acc0b92a6ea61ab43eb578d2ff72eff98efae7c038e0169317f887207170b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a677c56a225d794f990a2bdb8176317e4a96c9a0e635ec1ee7ff286e91d889b5
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
ad90c72c916983c74bff0e9d17a9bd5f1511156dd0b14fdebd495ac008b29765
add382c20d26bd6af58529580a87192f0ae0262f850c8b841e03f88377a9b989
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b5c099e51f583677c365ac6124f224849c308ec1d0060dde244446cb7a5dcd74
b6219a44d9382b0a23279b6cbb37bb29326f0892fbd19bbe836f0ce642bd99ee
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b80373045e99f69b1ad509576cd1d5ba53237508826acddde57e6e4e05411405
b92c0caaaf082b47a978444807a3f8214377afd2d65ea9ad40e118295392bf68
bca17b78a061d3cf3646f02a1190569af9a4c7f65a589825dd4ababd2b8a3312
bd43e9afffa375b83820ee779c0f2a917b6e65ddf822ae21c6b0cfe9e9a5c3d3
c034daef6117147838e13f45c7d42eb266865306f538f75f563f1e81ede8c0d7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
c3f1a25bb7eb1868d1d49d105b6258c216e98621508b0232f0da4990a3bbad19
c8392aa4e41dd8b5e6379fd5350e7921f0a41b03ce25dae5e822b276e2a93be9
c891b4573deb77134d5e06ea8da8e89ca0000a0c2f7c97ca1b17f8279b84d428
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cad0abc84efa9d7d6013414d63ae9d73b854e711ebb8460fee5510b54c79cab2
ce39bcc2263a3cd16e47ae1527b8d7ee5bb65b46252999a238dd63ca29cebca6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1393a1a39514819587ea7f328eaa5227e14d01f362dd5db1adfc30aeaba18a2
d17374880c2515db062a5ecdc88c4fdab00fb1387d0286ecf79c2586b44ff759
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d594086269da364755f21fab9e106268cedbf7d487ea35f67c0c36126d131b82
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dafe1c6c712bcc6b09de2739ffaff263b8c40efc85177850ec348eeca8f7c985
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
dce3317e4e31854ac210f5546d82dbb98ab17676cf96f920a4231cacfdd43ddb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de4270e83db860b53ffa4adf95e9dbdd6392a3813fb54cb13fe258fdd714e338
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e6bbc3e3680c3f70fc45eb6da89c56eb004819c74c43e612a88bb16c443a4afb
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
eacc5c1f227757577961e63cdce9fe3068f7e5562e0c8c2c58f37350e04fb251
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed14c8f2a126d78e1423face18245b9d7070e6efefef46c870ed4c70658d11cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe2d0874a4d2d1e8bd38eb0fded111968ce47bea2e0a649e9190eb1a054990c
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f1a15b8570e28e22cb06091c917bec0b136a46100f856dba51b96b34b52f0fe8
f2215033dfa8c17e7ca34c814dfbb6795f646fb6062e6ccc701c96e8ab74e9fa
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f47ddb901a9b694f3c501d3ab5842478b838f473c6b707c8ae5436735ef5ef14
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f99cb79fd6ac0ce3561d51bafa271b8c7e5751d541c3d50a432b400c85c6a499
fc8a22b220de93a325e6f4baec8d597162c70dac008cb2aba8453c7857075ce3
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb