urlscan.io logo urlscan.io
SecurityTrails logo

zdorovia.com.ua Open in urlscan Pro
91.210.190.92  Public Scan

Go To Rescan Add Verdict Report
URL: http://zdorovia.com.ua/
Submission: On July 24 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 82 IPs in 15 countries across 80 domains to perform 465 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a03:90c0:41:... 199524 (GCORE)
2 104.18.3.81 13335 (CLOUDFLAR...)
2 4 88.212.201.204 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
6 31 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2a03:2880:f02... 32934 (FACEBOOK)
4 22 146.0.227.110 29066 (VELIANET-...)
1 1 2a00:1450:400... 15169 (GOOGLE)
3 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 146.0.227.107 20773 (GODADDY)
13 19 142.250.185.226 15169 (GOOGLE)
4 193.200.65.6 6681 (GIVEME-CLOUD)
2 104.36.113.35 62713 (AS-PUBMATIC)
8 12 37.252.172.37 29990 (ASN-APPNEX)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
1 5 5.178.65.245 50673 (SERVERIUS-AS)
4 23.227.150.210 55081 (24SHELLS)
10 51.89.9.253 16276 (OVH)
3 3 104.18.19.126 13335 (CLOUDFLAR...)
4 2a0c:5c81:513... 55081 (24SHELLS)
3 3 199.115.119.227 30633 (LEASEWEB-...)
8 8 35.158.200.182 16509 (AMAZON-02)
1 1 188.34.190.35 24940 (HETZNER-AS)
1 1 51.68.39.188 16276 (OVH)
2 2 188.42.191.196 7979 (SERVERS-COM)
4 72.251.249.13 29791 (VOXEL-DOT...)
1 183.110.238.136 4766 (KIXS-AS-K...)
2 82.145.213.8 39832 (NO-OPERA)
4 8.2.110.114 46636 (NATCOWEB)
1 2 144.76.118.200 24940 (HETZNER-AS)
2 4 194.247.175.26 196831 (BEMOBILE-AS)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 176.34.161.246 16509 (AMAZON-02)
2 8.2.110.206 46636 (NATCOWEB)
34 2a00:1450:400... 15169 (GOOGLE)
2 31.28.167.114 15497 (COLOCALL ...)
5 77.123.132.26 35680 (VOLIA)
8 24 18.210.31.151 14618 (AMAZON-AES)
8 5.178.65.253 50673 (SERVERIUS-AS)
1 5.178.65.246 50673 (SERVERIUS-AS)
6 6 23.203.77.3 16625 (AKAMAI-AS)
12 104.117.200.100 16625 (AKAMAI-AS)
8 104.90.104.242 16625 (AKAMAI-AS)
4 205.234.175.175 30081 (CACHENETW...)
1 19 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 35.227.248.159 15169 (GOOGLE)
5 6 37.157.4.25 198622 (ADFORM)
3 15.197.193.217 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
3 192.82.242.209 62713 (AS-PUBMATIC)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 34.249.212.46 16509 (AMAZON-02)
1 18.198.126.47 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
2 2 185.86.137.132 201081 (SMARTADSE...)
2 6 54.220.48.180 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.156.126.13 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 34.252.17.141 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
2 2 151.101.66.49 54113 (FASTLY)
1 52.222.236.12 16509 (AMAZON-02)
1 1 34.224.113.183 14618 (AMAZON-AES)
1 2 52.94.223.37 16509 (AMAZON-02)
1 23.3.108.242 16625 (AKAMAI-AS)
4 4 52.215.229.217 16509 (AMAZON-02)
8 18.66.248.33 16509 (AMAZON-02)
6 69.173.144.138 26667 (RUBICONPR...)
4 51.158.29.13 12876 (Online SAS)
1 3 69.173.144.165 26667 (RUBICONPR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
4 24 62.149.0.72 15497 (COLOCALL ...)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 67.202.105.31 32748 (STEADFAST)
4 4 54.155.65.255 16509 (AMAZON-02)
4 4 213.19.147.45 26120 (RHYTHMONE)
4 5 35.227.252.103 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 37.157.4.41 198622 (ADFORM)
3 2a00:1450:400... 15169 (GOOGLE)
4 3.125.70.222 16509 (AMAZON-02)
1 3 104.18.18.126 13335 (CLOUDFLAR...)
1 143.204.89.102 16509 (AMAZON-02)
1 2 52.212.32.175 16509 (AMAZON-02)
1 209.197.3.19 20446 (STACKPATH...)
1 2600:9000:224... 16509 (AMAZON-02)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
19 23.3.108.56 16625 (AKAMAI-AS)
1 2 142.250.185.70 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.192.108.196 16509 (AMAZON-02)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
465 82
57    91.210.190.92 (Ukraine)

ASN48440 (AS-EKVIA, UA)
PTR: internetmedia.ua
zdorovia.com.ua
nashamama.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
15    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
scripts.go2net.com.ua
cdn.admixer.net
2    104.18.3.81 (None, )

ASN13335 (CLOUDFLARENET, US)
i.i.ua
r.i.ua
4    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
31    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
3    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
1    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
1    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
22    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
10    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
6    146.0.227.107 (Ascension Island)

ASN20773 (GODADDY, DE)
ads.go2net.com.ua
19    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
4    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
2    104.36.113.35 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
12    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    5.178.65.245 (Emmer-Compascuum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
4    23.227.150.210 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
10    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
4    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
3    199.115.119.227 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.lemmatechnologies.com
8    35.158.200.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    188.34.190.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.35.190.34.188.clients.your-server.de
bidswitch-eu.splicky.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    183.110.238.136 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
idsync.admixer.co.kr
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    144.76.118.200 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de
exchange.buzzoola.com
4    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    176.34.161.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-161-246.eu-west-1.compute.amazonaws.com
r.scoota.co
2    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
34    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    31.28.167.114 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com
content.admixer.net
5    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
24    18.210.31.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-31-151.compute-1.amazonaws.com
a.audrte.com
8    5.178.65.253 (Emmer-Compascuum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    5.178.65.246 (Emmer-Compascuum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
6    23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    104.90.104.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f608:78e4:ddc4:e083:81a6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
3    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a05:d018:24:b002:d4fc:f527:7aed:872f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    34.249.212.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-46.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.118 (Rottweil, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
2    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
6    54.220.48.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.156.126.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    34.252.17.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    52.222.236.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-12.fra56.r.cloudfront.net
engine.widespace.com
1    34.224.113.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-113-183.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    23.3.108.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-242.deploy.static.akamaitechnologies.com
tags.bluekai.com
4    52.215.229.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-229-217.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
8    18.66.248.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-33.dus51.r.cloudfront.net
tags.crwdcntrl.net
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-29-13.rev.poneytelecom.eu
js.cookieless-data.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
15    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
26    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
24    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
sync.console.adtarget.com.tr
2    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
4    54.155.65.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    143.204.89.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-102.fra50.r.cloudfront.net
cdn.lamp.avct.cloud
2    52.212.32.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-32-175.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
1    2600:9000:224a:7800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f18:1aca:4282:698a:3145:8fbd:bb17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
19    23.3.108.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-108-56.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.192.108.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-196.eu-central-1.compute.amazonaws.com
d.agkn.com
1    2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
Apex Domain
Subdomains		 Transfer
60 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
993 KB
54 zdorovia.com.ua
zdorovia.com.ua
1 MB
37 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44129
inv-nets.admixer.net — Cisco Umbrella Rank: 2646
content.admixer.net — Cisco Umbrella Rank: 253942
2 MB
36 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6944
file.adpartner.pro — Cisco Umbrella Rank: 275505
61 KB
34 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
ad.doubleclick.net — Cisco Umbrella Rank: 202
87 KB
27 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1045
eus.rubiconproject.com — Cisco Umbrella Rank: 598
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2305
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
66 KB
26 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5107
sync.adtelligent.com — Cisco Umbrella Rank: 3848
14 KB
24 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2290
25 KB
20 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 711
cdn.flashtalking.com — Cisco Umbrella Rank: 951
274 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1792
mwzeom.zeotap.com — Cisco Umbrella Rank: 1448
7 KB
18 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4932
s.e-planning.net — Cisco Umbrella Rank: 7278
u-ams02.e-planning.net — Cisco Umbrella Rank: 60309
i.e-planning.net — Cisco Umbrella Rank: 7322
12 KB
14 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 841
tags.crwdcntrl.net — Cisco Umbrella Rank: 1361
66 KB
14 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 96
4 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 587
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
47 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
10 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 759
static.adsafeprotected.com — Cisco Umbrella Rank: 559
dt.adsafeprotected.com — Cisco Umbrella Rank: 499
94 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 811
8 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4506
cm.adform.net — Cisco Umbrella Rank: 1608
3 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
4 KB
8 go2net.com.ua
scripts.go2net.com.ua
ads.go2net.com.ua — Cisco Umbrella Rank: 354515
117 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 4850
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5450
3 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
5 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1686
816 B
5 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2912
adservice.google.co.uk — Cisco Umbrella Rank: 4623
2 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 945
5 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
1 KB
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6942
2 KB
4 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 37983
860 B
4 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 97129
1004 B
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5746
516 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 699
1 KB
4 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 87673
1 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9515
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
127 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 462
usermatch.krxd.net — Cisco Umbrella Rank: 1248
938 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
796 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
769 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
cms.analytics.yahoo.com — Cisco Umbrella Rank: 765
1 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 4950
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 632
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
37 KB
3 nashamama.com
nashamama.com
40 KB
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5710
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4813
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 952
612 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 640
858 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
d.agkn.com — Cisco Umbrella Rank: 568
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1510
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22941
684 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1195
753 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 8743
1020 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 34393
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 19513
543 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2408
841 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2101
1 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 132767
i.bigmir.net — Cisco Umbrella Rank: 283103
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 113
53 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 533494
r.i.ua — Cisco Umbrella Rank: 152663
4 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1431
298 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1090
464 B
1 avct.cloud
cdn.lamp.avct.cloud — Cisco Umbrella Rank: 25412
14 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
650 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 471
146 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 62063
209 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1992
360 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 926
357 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1672
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7265
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12187
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 629
164 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 2740
904 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3406
479 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24672
219 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 564
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 303
30 KB
0 com.ru Failed
adx.com.ru — Cisco Umbrella Rank: 51214 Failed
465 80
Domain Requested by
54 zdorovia.com.ua zdorovia.com.ua
34 pagead2.googlesyndication.com cdn.admixer.net
pagead2.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
www.googletagservices.com
31 a4p.adpartner.pro 6 redirects zdorovia.com.ua
a4p.adpartner.pro
26 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
24 a.audrte.com 8 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
s.adtelligent.com
22 sync.adtelligent.com 2 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
22 inv-nets.admixer.net 4 redirects cdn.admixer.net
zdorovia.com.ua
ads.us.e-planning.net
19 cdn.flashtalking.com fw.adsafeprotected.com
cdn.flashtalking.com
zdorovia.com.ua
19 cm.g.doubleclick.net 13 redirects spl.zeotap.com
googleads.g.doubleclick.net
15 mwzeom.zeotap.com 1 redirects spl.zeotap.com
13 cdn.admixer.net zdorovia.com.ua
cdn.admixer.net
scripts.go2net.com.ua
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
12 ib.adnxs.com 8 redirects zdorovia.com.ua
spl.zeotap.com
cdn.admixer.net
googleads.g.doubleclick.net
10 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
10 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
8 dt.adsafeprotected.com googleads.g.doubleclick.net
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
8 s.e-planning.net ads.us.e-planning.net
8 x.bidswitch.net 8 redirects
6 token.rubiconproject.com eus.rubiconproject.com
6 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
6 dmp.adform.net 5 redirects spl.zeotap.com
6 secure-assets.rubiconproject.com 6 redirects
6 ads.go2net.com.ua cdn.admixer.net
zdorovia.com.ua
5 rtb.openx.net 4 redirects googleads.g.doubleclick.net
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
5 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
4 ps.eyeota.net zdorovia.com.ua
s.adtelligent.com
4 sync.1rx.io 4 redirects
4 ad.360yield.com 4 redirects
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.co.uk pagead2.googlesyndication.com
4 js.cookieless-data.com s.e-planning.net
4 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 4 redirects
4 spl.zeotap.com ads.us.e-planning.net
4 i.e-planning.net ads.us.e-planning.net
4 pa.tns-ua.com 2 redirects zdorovia.com.ua
cdn.admixer.net
4 us.ck-ie.com zdorovia.com.ua
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 m.trafmag.com zdorovia.com.ua
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 image6.pubmatic.com spl.zeotap.com
ads.pubmatic.com
googleads.g.doubleclick.net
3 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 sync.lemmatechnologies.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 creativecdn.com 1 redirects zdorovia.com.ua
cdn.admixer.net
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 ad.doubleclick.net 1 redirects googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 sync.console.adtarget.com.tr 2 redirects
2 cm.adform.net s.console.adtarget.com.tr
2 vid.vidoomy.com s.adtelligent.com
2 ic.tynt.com s.adtelligent.com
2 csync.loopme.me 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 content.admixer.net zdorovia.com.ua
2 cs.mobfox.com zdorovia.com.ua
cdn.admixer.net
2 r.scoota.co 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 t.adx.opera.com zdorovia.com.ua
cdn.admixer.net
2 ads.betweendigital.com 2 redirects
2 image8.pubmatic.com zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
2 scripts.go2net.com.ua zdorovia.com.ua
cdn.admixer.net
1 ag.innovid.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 servedby.flashtalking.com googleads.g.doubleclick.net
1 cdn.lamp.avct.cloud googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 u-ams02.e-planning.net ads.us.e-planning.net
1 idsync.admixer.co.kr zdorovia.com.ua
1 dsp.nrich.ai 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
0 adx.com.ru Failed zdorovia.com.ua
465 113

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2021-11-15 -
2022-12-05		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-02 -
2022-07-31		 3 months crt.sh
adpartner.pro
R3		 2022-06-14 -
2022-09-12		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-14 -
2023-06-14		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018		 2022-04-29 -
2023-05-01		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2021-11-12 -
2022-12-14		 a year crt.sh
*.mobfox.com
R3		 2022-06-28 -
2022-09-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
widespace.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
juke.mmi.tns-ua.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh
cdn.lamp.avocet.io
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-05-20		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh

This page contains 111 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: DCEB656FB84B698D2B775EBC147B692F
Requests: 129 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: 20E4AD16180FD44821EC491A9B233B80
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 41C3F2E156DD7BC9ED715D48C2B1A118
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: E0BE08615F6CDCE86EAF93FFC9E01EC3
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 0142EF59FFFB140BCA4CAD0C12F7E9E7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=91722525464651520&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 9FE36100F6799229F03A523C9365A44C
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 14091CCC6810D9207F63BBC0A437F63D
Requests: 11 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: F0B7EDB7BD43724B35C61282B0F1CBB7
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: E4C5B71E03AA544781159256277A781C
Requests: 1 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: CF9E0EED3EBC897969AF6534EDEB903D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1E3A260ECAA93DDED64CCC34873C2B9B
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: B059DADAD8F46E7EB6BD6313EFDA2142
Requests: 2 HTTP requests in this frame

Frame: https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Frame ID: 2CCD1533AEE0107F0FAB321E154921EE
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 8D4D1040E7197D3C985B3D094FA402A8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 68A92E1D90ED7C84E0D1818209DF88DC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 43655FB2A56324542CCFBDE6BD90FB95
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: CCD758B5B725C107F9D827E9DFA9DECE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc517f48cde9837b9%26uid%3D
Frame ID: 31BAA6140FD68E5C14D61B2BB4ECDE17
Requests: 2 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 3419D73B268DCA0ABCAE2861A5E41D92
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: B535D0EA83BFF4D4F397419BD1092090
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 08032F21A3E62782C930F2DC71FB2426
Requests: 28 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 1E192F2FB5712E9C1783CB84695B6903
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ANqxpiOEYKmjGHUN
Frame ID: 2DFA52834E8C10D20137B6A10F66A08E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 71A7C3DFC1296F18734F63B5EE1B9BCB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: BB1769477FEA0AB120B691108ADE9CA2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Frame ID: 8A6758F6AA433E4822CE463BF41F0746
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 2B2CB25AFFD4154D27CB8EEE91E13FFD
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: F1DCFB5D4AD86AFBB4DF7B8EBF8A5D5E
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: CB97484342AAF61D9D044E9A4C0B854C
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 3884C77F3D73D64E839A38C49265E235
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: EFC391454CEE4EB2EF45BEF152777DCC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Frame ID: D85E2FE899E45E7334EC12DB34A9DF15
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 03243FD5515C154360DD1E80D211CFCB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 765CED4FA668DC9C4D9A91A9B7F4985E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 4A9C1B8F98E7E164D3414F80A5046154
Requests: 2 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiMzVhZDBiZDAtOGFhYS00M2E4LTllYjItY2U3ZmIyN2EzNzQ0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc2b73b037b8727c2a6c15e1be02a1fb2&showId=35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Frame ID: 00C35B779A520D9E212F583D3FBBD81C
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 49C9F25B319CD578B32B37C98B21C432
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 71E91373DEE5F5776E72096A6CFC7549
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: D0A21E8604FF086BCBED9B1AFE09B64B
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ANqxpiOEYKmjGHUN
Frame ID: 9742916C313CFA8B9F5B58DD74B72A2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Frame ID: 906180CC5231EABBBE26661F1EFE579C
Requests: 24 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_91722525464651520&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4dc98c99-0cb3-462e-95f8-eee568b84a34%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daade5f05861219fcbe6685013d1dfd54
Frame ID: A470945F06AE62D9CF14525BD902844B
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: E12D96B966E90154428876CA90D3850C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 10858C84CA83F8654B524013BA9547AF
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 58C4BC14DF781B9142FBABE997749DA7
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 2F18F477CAFD1ED7736913640ED13E3D
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 4000C2D524F889732C28F2CBEBC5FF0B
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Frame ID: 7607D1B5CD249C4E4180F32BAE5C23AF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 24013771CC3BE88F86C137402B99FEC2
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=6b3a4394-773a-43e2-8175-3080ddabe572
Frame ID: 56C1F2A415CBD1CEFCFFF93C42BF7038
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 129861321F6E088C067B9BC97EDCD38B
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9ECB3EBA5C7FB6DDB5D6B4256EBD2605
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: CAD4789827EC06A645C0DF374C70D58A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: DA16E85239513375AF5865B283F0BAE2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 28117FB5649E9C88BA9BAD5565495F41
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 5CDBD85E8AF8202F0FD04898064E602A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Frame ID: DCC467E59E02A133824A1FDE46782D09
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 85A608F2C8A3282725F281192D215D93
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 9469D0CB20DEDACCCA0C2A64E6EBEDB3
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: DFC552B36E61F6940A5CBD84B0BD2C5A
Requests: 2 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: F675570D8DDACE178B191A2E554231D9
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: ABF2A2C7D473BF80659572F09086F359
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: CE5168A1F56BA69F205A0811EBE7DF1E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: F8C91879D202E8EE558E4D3E7D75B572
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 6256DB6C39E7DF26C5DCB094148A6369
Requests: 10 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 5C7C3B33B5E3EE2C19C3C7A1F2FE0120
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=850b0236-402c-480c-80a6-b7e63113c58c
Frame ID: 4FFE4EF7ED8F8EEEAFAAABA7CC26EA38
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Frame ID: 98446943EEF1466CA56DF2FC93BCD958
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897664&bpp=14&bdt=178&idt=149&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6956674929435&frm=8&ife=1&pv=2&ga_vid=1485705132.1658637898&ga_sid=1658637898&ga_hid=233276771&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3975512580&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531605&oid=2&pvsid=2285910530696082&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2hr25cuqubpf&fsb=1&dtd=163
Frame ID: DCE57D6DE1EF3A30C2A5F06E520F14F4
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F9b394fa9-f974-4c91-bcd7-47a639a36d3b%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiOWIzOTRmYTktZjk3NC00YzkxLWJjZDctNDdhNjM5YTM2ZDNiIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D115f7c6282d3e7fed0f7f4cd1d8d0bd1&showId=9b394fa9-f974-4c91-bcd7-47a639a36d3b&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Frame ID: 5D615CBABD9E1F69FDF3F615B3DD0929
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Frame ID: A951E7E5E4C39E8DFB6B3E10C7DA6518
Requests: 10 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 31EEED589ACBA239533BEFF75669A329
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 8101F646C37867AE683BDB8D32731E69
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 2B8DB4A8A1F650099513624280C7BBF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Frame ID: 58836A7163FD565EDFABAB6B21F5D90D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 11357B1989B3E960EBEDE6E6DD4D2A77
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Frame ID: 345E4890DB9800531780E9FA5CD17307
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9FADA2ACA5703AC4244DFA7EBA245B5A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 9932C7C5ED55FAC97DF5FAB5F96778E8
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 4CE376BB673EA90492461E8052700CA7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Frame ID: C108DD444ACC45C5CF1DDCB62A2DA4BD
Requests: 5 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 3CC67339C46A02672DD6AF30CF3307CF
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANqxpiOEYKmjGHUN
Frame ID: 56657218661180A359E5B7285AD18279
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 1B06DE170061A82901581316A7E2BA2E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANqxpiOEYKmjGHUN
Frame ID: F4B2A736DA10A7F09B84503E0BC45805
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637898053&bpp=6&bdt=87&idt=110&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4811561033844&frm=8&ife=1&pv=2&ga_vid=914494604.1658637898&ga_sid=1658637898&ga_hid=142395123&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2335508554&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44763505&oid=2&pvsid=4049507553015328&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ra71s6cb2tuj&fsb=1&dtd=122
Frame ID: 51C0FE1AAA7F1B37970D778129060FAC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B1AA9CDEC05B2D58B0B613F91904E898
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5EC55558E1DBF280FA9AEC9A241A15CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 455786BDA9AC1FB2F3B3CAD53DC73E42
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 825D96DEAD3F6A6A06A77C569B9E9368
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7A86D771B9E30023C6E1500AD375878C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E52975C1A4622460D7CD8CC52996D3CA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F391E428262C122397270A9884D37A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C38A927A098F8DB1A3EB1352A0BA8F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: B2D035FE29C5CF2F8D901215B074AEDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Frame ID: 85090DCA47803DD50473A3B6C2AC77A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4482F5E461E912A67B86CBDF31EF628E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1201E8F0E1AA7A8EE079F6BB20A4341A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 85B435D2DD3B7C1DEBB114B1F68CE5DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CBE68507EF054922D074D4469A21B183
Requests: 2 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/142364/3459938/index.html
Frame ID: 87D96D9E3B53519D94E94AB837B12B77
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B76446DD135697F4EC5F32E98D6A483
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 4AC412B45A430672B2FE548D41CA646D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C27E7B556A9F17929D64E6AFDAC4F76C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 3D3D7C8C97D9A3C6950865DCDC91B064
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 0A37101818F38C9B7E293FD12863F563
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 8AAC5785E4207DCD6AD3F04F6CDBB766
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: D6D8312B2069FD4EEC7AE2A4F770CFC9
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 384A948E3513B249EF65286F062AE86C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 3EDDCD9921601C3C3FFBC0F8EF0CCDFB
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: E348CBA645C472666571BB3409075701
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

465
Requests

72 %
HTTPS

25 %
IPv6

80
Domains

113
Subdomains

82
IPs

15
Countries

5767 kB
Transfer

9674 kB
Size

113
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Request Chain 59
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 60
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.17386228894439304 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.17386228894439304 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.17386228894439304
Request Chain 67
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n462270&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 76
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=397702054&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1159341915&utmr=-&utmp=%2F&utmht=1658637895734&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1471403332.1658637896.1658637896.1658637896.1%3B%2B__utmz%3D148597372.1658637896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25850428&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=397702054&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1159341915&utmr=-&utmp=%2F&utmht=1658637895734&utmac=UA-37123827-1&utmcc=__utma%3D148597372.1471403332.1658637896.1658637896.1658637896.1%3B%2B__utmz%3D148597372.1658637896.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=25850428&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054&slf_rd=1&random=314066616
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECW4v3uUzyFgzFIea4C8v4c&google_cver=1
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEJhXNNyg5WhpBmORi6UqJCQ&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEA0nOTw4HvbW_qRITdMHkDE&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Request Chain 90
  • https://ib.adnxs.com/setuid?entity=533&code=94a029d7ab1d42a7acadae103c5845e7 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D94a029d7ab1d42a7acadae103c5845e7
Request Chain 91
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 94
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 99
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB
Request Chain 102
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D94a029d7ab1d42a7acadae103c5845e7 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c3e395b0-7b66-4318-b749-c0b3f93ccb3e&expires=1&user_group=5&ssp=lemma&bsw_param=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7 HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=94a029d7ab1d42a7acadae103c5845e75df0ab9c-0b0b-11ed-8d99-801844df107c
Request Chain 103
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6c7a823d-44a3-52cd-8828-978feaf459c7
Request Chain 108
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=94a029d7ab1d42a7acadae103c5845e7 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=94a029d7ab1d42a7acadae103c5845e7
Request Chain 109
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7 HTTP 302
  • http://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7 HTTP 301
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
Request Chain 110
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Request Chain 111
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CNdWnBJE2uFhMrvY9OU1yOM_UnBFiuO0xuphPWE-~A
Request Chain 112
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=94a029d7ab1d42a7acadae103c5845e7&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=94a029d7ab1d42a7acadae103c5845e7&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3b18a1ea-502a-4da7-890d-0fc5e4f5e312&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&consent=&gdpr_pd=
Request Chain 115
  • https://rtb.com.ru/admixer-sync?uid=94a029d7ab1d42a7acadae103c5845e7 HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=94a029d7ab1d42a7acadae103c5845e7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62dcce4905f7084a09b3294d%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62dcce4905f7084a09b3294d%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62dcce4905f7084a09b3294d%252526i%25253D1558689590172652147%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62dcce4905f7084a09b3294d%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62dcce4905f7084a09b3294d%2525252526nc%252525253D8434999580856941833%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62dcce4905f7084a09b3294d%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FbzM8eSgCx7JPheJVKZwCKM%2525252525253Fsign%2525252525253D2309744665%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62dcce4905f7084a09b3294d%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D62dcce4905f7084a09b3294d%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D62dcce4905f7084a09b3294d%252526i%25253D1558689590172652147%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D62dcce4905f7084a09b3294d%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D62dcce4905f7084a09b3294d%2525252526nc%252525253D8434999580856941833%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D62dcce4905f7084a09b3294d%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FbzM8eSgCx7JPheJVKZwCKM%2525252525253Fsign%2525252525253D2309744665%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D62dcce4905f7084a09b3294d&google_gid=CAESENSt5Z7c4NMAjRbEZe6O7mo&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62dcce4905f7084a09b3294d&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62dcce4905f7084a09b3294d%2526i%253D1558689590172652147%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62dcce4905f7084a09b3294d%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62dcce4905f7084a09b3294d%25252526nc%2525253D8434999580856941833%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62dcce4905f7084a09b3294d%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FbzM8eSgCx7JPheJVKZwCKM%25252525253Fsign%25252525253D2309744665%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62dcce4905f7084a09b3294d%2526i%253D1558689590172652147%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62dcce4905f7084a09b3294d%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62dcce4905f7084a09b3294d%25252526nc%2525253D8434999580856941833%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62dcce4905f7084a09b3294d%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FbzM8eSgCx7JPheJVKZwCKM%25252525253Fsign%25252525253D2309744665%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62dcce4905f7084a09b3294d&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=68276619618D13186AD8&uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62dcce4905f7084a09b3294d%2526i%253D1558689590172652147%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62dcce4905f7084a09b3294d%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62dcce4905f7084a09b3294d%25252526nc%2525253D8434999580856941833%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62dcce4905f7084a09b3294d%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FbzM8eSgCx7JPheJVKZwCKM%25252525253Fsign%25252525253D2309744665%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62dcce4905f7084a09b3294d&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62dcce4905f7084a09b3294d?sign=bc3c2009&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62dcce4905f7084a09b3294d%2526i%253D1558689590172652147%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62dcce4905f7084a09b3294d%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62dcce4905f7084a09b3294d%25252526nc%2525253D8434999580856941833%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62dcce4905f7084a09b3294d%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FbzM8eSgCx7JPheJVKZwCKM%25252525253Fsign%25252525253D2309744665%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/62dcce4905f7084a09b3294d?redir-setuniq=1&sign=bc3c2009&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D62dcce4905f7084a09b3294d%2526i%253D1558689590172652147%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D62dcce4905f7084a09b3294d%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D62dcce4905f7084a09b3294d%25252526nc%2525253D8434999580856941833%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D62dcce4905f7084a09b3294d%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FbzM8eSgCx7JPheJVKZwCKM%25252525253Fsign%25252525253D2309744665%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62dcce4905f7084a09b3294d&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62dcce4905f7084a09b3294d%26i%3D1558689590172652147%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62dcce4905f7084a09b3294d%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62dcce4905f7084a09b3294d%252526nc%25253D8434999580856941833%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62dcce4905f7084a09b3294d%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FbzM8eSgCx7JPheJVKZwCKM%252525253Fsign%252525253D2309744665%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=62dcce4905f7084a09b3294d&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62dcce4905f7084a09b3294d%26i%3D1558689590172652147%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D62dcce4905f7084a09b3294d%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D62dcce4905f7084a09b3294d%252526nc%25253D8434999580856941833%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D62dcce4905f7084a09b3294d%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FbzM8eSgCx7JPheJVKZwCKM%252525253Fsign%252525253D2309744665%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D62dcce4905f7084a09b3294d&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62dcce4905f7084a09b3294d&i=1558689590172652147&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62dcce4905f7084a09b3294d%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62dcce4905f7084a09b3294d%2526nc%253D8434999580856941833%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62dcce4905f7084a09b3294d%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FbzM8eSgCx7JPheJVKZwCKM%2525253Fsign%2525253D2309744665%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62dcce4905f7084a09b3294d HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62dcce4905f7084a09b3294d&i=1558689590172652147&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62dcce4905f7084a09b3294d%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62dcce4905f7084a09b3294d%2526nc%253D8434999580856941833%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62dcce4905f7084a09b3294d%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FbzM8eSgCx7JPheJVKZwCKM%2525253Fsign%2525253D2309744665%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62dcce4905f7084a09b3294d HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=E4hlWdU1JX1BZcK7AwsZ&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62dcce4905f7084a09b3294d%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62dcce4905f7084a09b3294d%2526nc%253D8434999580856941833%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62dcce4905f7084a09b3294d%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FbzM8eSgCx7JPheJVKZwCKM%2525253Fsign%2525253D2309744665%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62dcce4905f7084a09b3294d HTTP 302
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEDHb8npRI_GzF_rZCc5jrfk&ver=1&google_error=&code=224&ts=E4hlWdU1JX1BZcK7AwsZ&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D62dcce4905f7084a09b3294d%26ru%3Dhttps%253A%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D62dcce4905f7084a09b3294d%2526nc%253D8434999580856941833%2526url%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fadspend-sync%25253Fuid%25253D62dcce4905f7084a09b3294d%252526r%25253Dhttps%2525253A%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252FbzM8eSgCx7JPheJVKZwCKM%2525253Fsign%2525253D2309744665%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D62dcce4905f7084a09b3294d HTTP 307
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62dcce4905f7084a09b3294d&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62dcce4905f7084a09b3294d%26nc%3D8434999580856941833%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62dcce4905f7084a09b3294d%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FbzM8eSgCx7JPheJVKZwCKM%25253Fsign%25253D2309744665%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62dcce4905f7084a09b3294d HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62dcce4905f7084a09b3294d&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62dcce4905f7084a09b3294d%26nc%3D8434999580856941833%26url%3Dhttps%253A%252F%252Fadx.com.ru%252Fadspend-sync%253Fuid%253D62dcce4905f7084a09b3294d%2526r%253Dhttps%25253A%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252FbzM8eSgCx7JPheJVKZwCKM%25253Fsign%25253D2309744665%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D62dcce4905f7084a09b3294d&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62dcce4905f7084a09b3294d&nc=8434999580856941833&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62dcce4905f7084a09b3294d%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FbzM8eSgCx7JPheJVKZwCKM%253Fsign%253D2309744665%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62dcce4905f7084a09b3294d HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=62dcce4905f7084a09b3294d&nc=8434999580856941833&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62dcce4905f7084a09b3294d%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252FbzM8eSgCx7JPheJVKZwCKM%253Fsign%253D2309744665%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D62dcce4905f7084a09b3294d&cc=1 HTTP 302
  • https://adx.com.ru/adspend-sync?uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62dcce4905f7084a09b3294d HTTP 302
  • https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62dcce4905f7084a09b3294d&uid=62dcce4905f7084a09b3294d
Request Chain 118
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 131
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc517f48cde9837b9%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Dc517f48cde9837b9%2526uid%253D%2524UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c517f48cde9837b9&uid=4796792589496994157
Request Chain 132
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 139
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=bc1360cc-b5d1-42a8-b6dd-5d360b0335c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 145
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4e82e3c8-6a04-4ed2-a31e-85e8f2d0458b&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 146
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=450af905-f248-4dd7-7dce-ed1d45138a19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=450af905-f248-4dd7-7dce-ed1d45138a19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=71573886031389824132527754512650670347&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 148
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7123795519236995220&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 150
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=450af905-f248-4dd7-7dce-ed1d45138a19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=450af905-f248-4dd7-7dce-ed1d45138a19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361&bounce=1&random=1135115630 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=0gAPb9yyM5jd0GwNKiOlLu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 151
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 152
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=450af905-f248-4dd7-7dce-ed1d45138a19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=450af905-f248-4dd7-7dce-ed1d45138a19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 153
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-BTo7OjZE2oqS9baPJ.a7.OSyFssEJhr1qg--~A&zpartnerid=570&env=mWeb
Request Chain 154
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=lwS6x6TnrYoYh6EQFk3N3qo9mqekdomj%2BS41iYitP1U%3D
Request Chain 158
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361&_test=YtzOSQAAAX_iYAAK HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtzOSQAAAX_iYAAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&_test=YtzOSQAAAX_iYAAK
Request Chain 160
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O-cbyen2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=450af905-f248-4dd7-7dce-ed1d45138a19
Request Chain 161
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&dcc=t
Request Chain 163
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Request Chain 185
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 201
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 206
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3D306ac624-cb7f-4b4a-619f-e7bb4e53238a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=306ac624-cb7f-4b4a-619f-e7bb4e53238a&zdid=1361
Request Chain 236
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Request Chain 238
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=6b3a4394-773a-43e2-8175-3080ddabe572
Request Chain 244
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
Request Chain 245
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Request Chain 246
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Request Chain 247
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658637897804 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289798569
Request Chain 248
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
Request Chain 250
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Request Chain 252
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Request Chain 255
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 264
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
Request Chain 265
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
Request Chain 266
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Request Chain 267
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Request Chain 270
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658637897803 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2203770994
Request Chain 272
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=850b0236-402c-480c-80a6-b7e63113c58c
Request Chain 273
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Request Chain 274
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Request Chain 288
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3D2760699e-84d8-458e-7723-e7dd637b1fe5%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=2760699e-84d8-458e-7723-e7dd637b1fe5&zdid=1361
Request Chain 296
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 307
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7250623845282102256 HTTP 302
  • https://a.audrte.com/p
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1
Request Chain 311
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtzOSCIS9mHvAGg.9CuxjwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1&google_hm=2
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPPCxJ4hyITbRKhEXfDQ8V8&google_cver=1
Request Chain 313
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5Njc5MjU4OTQ5Njk5NDE1Nw%3D%3D
Request Chain 315
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dca71177f-786d-4597-64ae-d2be19a7bb1e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=ca71177f-786d-4597-64ae-d2be19a7bb1e&zdid=1361
Request Chain 354
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 355
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 356
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1095264/64280668/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306&adsafe_preview=${IS_PREVIEW}&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417942%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1658637897%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1658637897175%26bpp%3D6%26bdt%3D1056%26idt%3D250%26shv%3Dr20220721%26mjsv%3Dm202207190101%26ptt%3D9%26saldr%3Daa%26correlator%3D8688755512937%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D1471403332.1658637896%26ga_sid%3D1658637896%26ga_hid%3D467089946%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44763505%252C44761793%252C44764001%252C31067825%252C31064019%26oid%3D2%26pvsid%3D571492599743351%26tmod%3D703096804%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.nqlvn7t9jq4j%26fsb%3D1%26dtd%3D265&adsafe_type=d&adsafe_jsinfo=,id:5a5667f5-80d3-4de5-9e07-ee89bdaccea8,c:jfYXOx,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-69659766b-9mgqg,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,nbld:0,mtim:3,mot:0,app:0,maw:0,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:5ee5fdb3-0b0b-11ed-bd74-8ef38aebc4bf,v:19.8.327,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://servedby.flashtalking.com/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306
Request Chain 375
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7250623845282102256 HTTP 302
  • https://a.audrte.com/p
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 392
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7250623845282102256 HTTP 302
  • https://a.audrte.com/p
Request Chain 401
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7250623845282102256 HTTP 302
  • https://a.audrte.com/p
Request Chain 402
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 408
  • https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&950394791 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_pre=CKPSrtbbkPkCFS-I_QcdQ68Faw;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&950394791
Request Chain 413
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 417
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 428
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEC9p3cehmSl5v7CiVve0trg&google_cver=1&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw&google_hm=Q0FFU0VDOXAzY2VobVNsNXY3Q2lWdmUwdHJn
Request Chain 431
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELGbxd5w-YA6mtjj-jRMJus&google_cver=1&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd17TGRmrqAXoonfiG7mEoALsV0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZVTZJMU8tMi1CRTVS&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd17TGRmrqAXoonfiG7mEoALsV0
Request Chain 432
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_cver=1&google_push=AehlK4AN_mQRJL-X_KDNUuV_NS3TDTNX2PrmbkCWTm3lZ0xJg3YwBrnl9Mm_gjeZ1Z6w69WgwQrDOcXqFIPuHT9L1ZVMBRvE3vo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_hm=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB&google_nid=index&google_push=AehlK4AN_mQRJL-X_KDNUuV_NS3TDTNX2PrmbkCWTm3lZ0xJg3YwBrnl9Mm_gjeZ1Z6w69WgwQrDOcXqFIPuHT9L1ZVMBRvE3vo

465 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zdorovia.com.ua/ 		89 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
ae51dd011ff68063542e2d2b360a3814eeaad33c42d543f73d1220f81fe426f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Sun, 24 Jul 2022 04:44:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Tue, 23 Aug 2022 04:44:54 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Tue, 23 Aug 2022 04:44:54 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ 		267 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Tue, 23 Aug 2022 04:44:54 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Tue, 23 Aug 2022 04:44:54 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/ 		64 KB
64 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Tue, 23 Aug 2022 04:44:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 09:22:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
242531
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30082
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 21 Jul 2023 09:22:43 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Tue, 23 Aug 2022 04:44:54 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Tue, 23 Aug 2022 04:44:55 GMT
media.js
zdorovia.com.ua/templates/default3/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Tue, 23 Aug 2022 04:44:55 GMT
loader2.js
scripts.go2net.com.ua/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-20T21:01:25+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 17 May 2022 20:48:21 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-24T04:39:53+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Tue, 23 Aug 2022 04:44:55 GMT
b85d14b0f4c7d3fb700dac03e99bee33db76a2261.jpg
zdorovia.com.ua/uploads/dsn/7d/26/001/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/7d/26/001/b85d14b0f4c7d3fb700dac03e99bee33db76a2261.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5bae28411058bdc317781ecd7eab90fafa25c679a9eea8c325743547782f1feb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Fri, 22 Jul 2022 08:48:46 GMT
Server
nginx/1.12.1
ETag
"62da646e-4b9d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19357
Expires
Tue, 23 Aug 2022 04:44:55 GMT
00719d0ad446bb4c19231f089f18fa277556be6b1.jpg
zdorovia.com.ua/uploads/dsn/55/9b/001/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/55/9b/001/00719d0ad446bb4c19231f089f18fa277556be6b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2dc65860b89577cfe093a91964c5d8c0ca505f600e199b10ae4e034ff0cefbaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Thu, 21 Jul 2022 09:18:50 GMT
Server
nginx/1.12.1
ETag
"62d919fa-4277"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17015
Expires
Tue, 23 Aug 2022 04:44:55 GMT
doucmduc.jpg
zdorovia.com.ua/uploads/dsn/9c/ca/001/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9c/ca/001/doucmduc.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
c17937534b79fd1af365f2e98e4d8262edcb89c02158dc71f54a3dbba8e643df

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 19 Jul 2022 14:37:36 GMT
Server
nginx/1.12.1
ETag
"62d6c1b0-2aa9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10921
Expires
Tue, 23 Aug 2022 04:44:55 GMT
f15292751a147b4f88daf10f4c5a94421.jpeg
zdorovia.com.ua/uploads/dsn/d2/aa/002/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d2/aa/002/f15292751a147b4f88daf10f4c5a94421.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3c299d85c164bbdd6657d53566dd74cbc349508fc62a174f3674af234a8c0e2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 19 Jul 2022 07:43:13 GMT
Server
nginx/1.12.1
ETag
"62d66091-2d24"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11556
Expires
Tue, 23 Aug 2022 04:44:55 GMT
aux-head-1614344012-20210226_produkty_3601.jpg
zdorovia.com.ua/uploads/dsn/df/02/002/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/df/02/002/aux-head-1614344012-20210226_produkty_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
98152d185a09fed649566f5d43fc272b336d544a577d01475562388c6c697c8f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 18 Jul 2022 18:08:15 GMT
Server
nginx/1.12.1
ETag
"62d5a18f-63b6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25526
Expires
Tue, 23 Aug 2022 04:44:55 GMT
aux-head-1571144634-20191015_rabina_chai_3601.jpg
zdorovia.com.ua/uploads/dsn/1e/23/001/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/1e/23/001/aux-head-1571144634-20191015_rabina_chai_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
7d055a46ca72d163a1e5bf69108bd9fd0a2fb324bf17b2556c56f530f97a4279

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 17 Jul 2022 19:32:28 GMT
Server
nginx/1.12.1
ETag
"62d463cc-51b8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20920
Expires
Tue, 23 Aug 2022 04:44:55 GMT
eikpivkpuf.jpg
zdorovia.com.ua/uploads/dsn/b0/17/001/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b0/17/001/eikpivkpuf.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
499b0de0a7f31ba636995678a50a535cf28bc3553905195df097cd8715676182

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 18 Jul 2022 10:01:49 GMT
Server
nginx/1.12.1
ETag
"62d52f8d-6427"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25639
Expires
Tue, 23 Aug 2022 04:44:55 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Tue, 23 Aug 2022 04:44:55 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Tue, 23 Aug 2022 04:44:55 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Tue, 23 Aug 2022 04:44:55 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Tue, 23 Aug 2022 04:44:55 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Tue, 23 Aug 2022 04:44:55 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Tue, 23 Aug 2022 04:44:55 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Tue, 23 Aug 2022 04:44:56 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Tue, 23 Aug 2022 04:44:56 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Tue, 23 Aug 2022 04:44:56 GMT
0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
zdorovia.com.ua/uploads/dsn/c2/6d/002/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/6d/002/0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Thu, 06 Jan 2022 20:09:55 GMT
Server
nginx/1.12.1
ETag
"61d74c93-814b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33099
Expires
Tue, 23 Aug 2022 04:44:56 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Tue, 23 Aug 2022 04:44:56 GMT
d8c527d-hlib1.jpg
zdorovia.com.ua/uploads/dsn/1b/55/004/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/1b/55/004/d8c527d-hlib1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sat, 02 Jul 2022 19:46:05 GMT
Server
nginx/1.12.1
ETag
"62c0a07d-91eb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37355
Expires
Tue, 23 Aug 2022 04:44:55 GMT
aoumi.jpg
zdorovia.com.ua/uploads/dsn/41/be/002/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/41/be/002/aoumi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 18 Jul 2022 06:27:33 GMT
Server
nginx/1.12.1
ETag
"62d4fd55-4c5a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19546
Expires
Tue, 23 Aug 2022 04:44:55 GMT
193685.jpg
zdorovia.com.ua/uploads/dsn/37/34/001/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/37/34/001/193685.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f94e8a28820779ae32f6699ed4c41bb2197c32360bca72919a55d962db4acf04

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 04 Jul 2022 06:26:10 GMT
Server
nginx/1.12.1
ETag
"62c28802-6aef"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27375
Expires
Tue, 23 Aug 2022 04:44:55 GMT
img_8304.jpg
zdorovia.com.ua/uploads/dsn/b4/45/002/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/b4/45/002/img_8304.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
abfde8fdf415962e66c31a475fa8c7929aba9bf645bf2218a08da2845817b16d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Wed, 29 Jun 2022 10:49:55 GMT
Server
nginx/1.12.1
ETag
"62bc2e53-93a1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37793
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ovsyanaya-kasha1.jpg
zdorovia.com.ua/uploads/dsn/d3/81/004/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/81/004/ovsyanaya-kasha1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Mon, 18 Jul 2022 18:33:46 GMT
Server
nginx/1.12.1
ETag
"62d5a78a-7c12"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31762
Expires
Tue, 23 Aug 2022 04:44:55 GMT
ai-148048-aux-360-20150417_son_sleep_3601.jpg
zdorovia.com.ua/uploads/dsn/86/b5/001/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/86/b5/001/ai-148048-aux-360-20150417_son_sleep_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
fdd035c80fa36c9a14ec616161194eeb8a684ca0f207329f753333a7a7fcfa42

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Sat, 23 Jul 2022 21:07:58 GMT
Server
nginx/1.12.1
ETag
"62dc632e-3eed"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16109
Expires
Tue, 23 Aug 2022 04:44:56 GMT
kiifmva.jpg
zdorovia.com.ua/uploads/dsn/85/aa/001/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/85/aa/001/kiifmva.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3968dd09f5ff8790fdf9953c4457d88a6dce103503701ab0001e95b6ec4d03c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Sat, 23 Jul 2022 13:53:17 GMT
Server
nginx/1.12.1
ETag
"62dbfd4d-7524"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29988
Expires
Tue, 23 Aug 2022 04:44:56 GMT
faaa1c0095341be0486013fec046598b58c7d8341.jpeg
zdorovia.com.ua/uploads/dsn/a0/e2/001/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/a0/e2/001/faaa1c0095341be0486013fec046598b58c7d8341.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9ac5125d544d751f9f67e7b1e0de88074167fc9e5ea2cdcaaa95e3a88b8e12a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Fri, 22 Jul 2022 09:16:31 GMT
Server
nginx/1.12.1
ETag
"62da6aef-59cc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22988
Expires
Tue, 23 Aug 2022 04:44:56 GMT
8c5e639ec77f95717f54d9f9f3d291850b00d8b31.jpeg
zdorovia.com.ua/uploads/dsn/d8/e6/001/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/d8/e6/001/8c5e639ec77f95717f54d9f9f3d291850b00d8b31.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0c406b530c90df08ffed05e54b0fa8c5141608c6b1552ef9d222ec73e4bdab20

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Fri, 22 Jul 2022 09:12:27 GMT
Server
nginx/1.12.1
ETag
"62da69fb-5337"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21303
Expires
Tue, 23 Aug 2022 04:44:56 GMT
_viber_2021-08-05_18-30-30-6501.jpg
zdorovia.com.ua/uploads/dsn/06/db/001/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/06/db/001/_viber_2021-08-05_18-30-30-6501.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4f83989b716d6a6ffa798e80070b0a157b5b74944b1e737b8a3a6e5037818339

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Mon, 18 Jul 2022 18:34:56 GMT
Server
nginx/1.12.1
ETag
"62d5a7d0-3af6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15094
Expires
Tue, 23 Aug 2022 04:44:56 GMT
c5dc9391eef2e7fdf5a2bf64a82ba0f401972ed01.jpg
zdorovia.com.ua/uploads/dsn/cb/4c/005/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/cb/4c/005/c5dc9391eef2e7fdf5a2bf64a82ba0f401972ed01.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4a6c73c4ba10fd3868df0233d6163e04aac59821eff0699ba848f2484b06e52d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Wed, 13 Jul 2022 08:32:45 GMT
Server
nginx/1.12.1
ETag
"62ce832d-5cc2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23746
Expires
Tue, 23 Aug 2022 04:44:56 GMT
1076d838affc3861e231701dc950affb56b1eccc1.jpg
zdorovia.com.ua/uploads/dsn/12/71/001/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/12/71/001/1076d838affc3861e231701dc950affb56b1eccc1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e0db57088d0c9d4678dc514584d4498bbb12d0c021d346a5374146f65218ed0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Wed, 13 Jul 2022 08:35:51 GMT
Server
nginx/1.12.1
ETag
"62ce83e7-64cb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25803
Expires
Tue, 23 Aug 2022 04:44:56 GMT
335b2a94c5bf6f1dab0114ac908569ca0d2a1ab81.jpg
zdorovia.com.ua/uploads/dsn/f5/b2/003/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/dsn/f5/b2/003/335b2a94c5bf6f1dab0114ac908569ca0d2a1ab81.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f94fac4a3eb3855941efbd4014d8a8e46ba6304e10e3e798bae5dbe6a13b251e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Wed, 13 Jul 2022 08:40:03 GMT
Server
nginx/1.12.1
ETag
"62ce84e3-6af2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27378
Expires
Tue, 23 Aug 2022 04:44:56 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Tue, 23 Aug 2022 04:44:55 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Tue, 23 Aug 2022 04:44:55 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Tue, 23 Aug 2022 04:44:55 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Tue, 23 Aug 2022 04:44:55 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Tue, 23 Aug 2022 04:44:55 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Tue, 23 Aug 2022 04:44:55 GMT
3_1_3.png
i.i.ua/r/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
21118
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
72fa00dec8aa54a5-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Sun, 23 Jul 2023 16:07:26 GMT
logo
counter.yadro.ru/ 		672 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Sun, 23 Jul 2023 21:00:00 GMT
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40b30a38dcd64ea99edd332b2134aa7cc6d7a3cef11ce2d20787a67b43f9a8f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sun, 24 Jul 2022 04:44:55 GMT
vast.js
cdn.admixer.net/scripts3/r/ 		136 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc32
Date
Sun, 24 Jul 2022 04:44:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-07-11T10:07:02+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Wed, 12 Jul 2023 10:07:02 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
  • https://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:55 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Date
Sun, 24 Jul 2022 04:44:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3733
date
Sun, 24 Jul 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 24 Jul 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.17386228894439304
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 23 Jul 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:55 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.17386228894439304
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Fri, 23 Jul 2021 21:00:00 GMT
s
r.i.ua/ 		43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://r.i.ua/s?u152465&p0&n0.20189467508970727&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:55 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
72fa00debf6354d0-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:55 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Tue, 23 Aug 2022 04:44:55 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Tue, 23 Aug 2022 04:44:55 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/ 		251 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Tue, 23 Aug 2022 04:44:55 GMT
page.php
www.facebook.com/plugins/ Frame 20E4 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a0d667c175a45e955580fb2430449db16b126cde4036018c942f9959d5524c5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
date
Sun, 24 Jul 2022 04:44:55 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
pc7SxIE4sB1GqaqkdR3CVOm/Bnvpah/H4CnJPI5+hgtQl4hzLwwd3D55lkTIP++N8s8vm1/Q2lRGBfO302HZNQ==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n462270&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Wed, 27 Jul 2022 04:44:55 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
link-arrow.png
zdorovia.com.ua/templates/default3/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Tue, 23 Aug 2022 04:44:56 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 41C3 		738 B
494 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:55 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-04T09:15:44+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 05 Jul 2023 09:15:44 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-06-21T14:43:19+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 22 Jun 2023 14:43:19 GMT
tcWK2FoLDn4.css
static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/ Frame 20E4 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y0/l/0,cross/tcWK2FoLDn4.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
755bbf4c5bc0eb29b590cddd5c19be2800bcfe3f5a4e6ab394a011b9587329a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4r0z2tHtOEwZj4+XJEYraQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4908
x-fb-rlafr
0
x-fb-debug
psLqYOgu44Wyf6fxRM3upfhhhNt8332u5b6WeH4v8ZoNK3RM5XsV+tmrZT/Kq6XvgXu45IUmLzVlb/weiUHh2w==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sun, 23 Jul 2023 20:17:58 GMT
www-widgetapi.js
www.youtube.com/s/player/afeb58ff/www-widgetapi.vflset/ 		159 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/afeb58ff/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:06:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52518
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 00:17:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 24 Jul 2023 04:06:57 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame E0BE 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:55 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
dsp.aspx
inv-nets.admixer.net/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5683292841026097&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%225cd46eeb-840d-b838-3edc-01cc1140cd57%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223bac8428-c5f3-3bde-7fe2-a5035da167cf%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2207fe004b-99a1-5787-66ca-8df197330ad0%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22aaa85ab6-d790-afd4-0eca-a8e70bfe9ba5%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
0eee007ad106bb9035f94a0055c05c85341666c83e9899da981e24fd6a210100
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3234
X-Xss-Protection
0
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=397702054&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=397702054&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054&slf_rd=1&random=314066616
42 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054&slf_rd=1&random=314066616
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=1471403332.1658637896&jid=25850428&_v=5.7.2&z=397702054&slf_rd=1&random=314066616
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dsp.aspx
ads.go2net.com.ua/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=1954996805776676.5&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%229ca99f09-2b3f-88bc-2bfa-3b38f285dde4%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d297f68-7456-49d7-e055-25f2fd63bed2%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
fe5e8fd2692019dd0df29649fc941be1170dd9054a0d0daae435420c2c6347c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2087
X-Xss-Protection
0
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:55 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 0142 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:44:56 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 9FE3 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=91722525464651520&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
5197b0a1fdb1721f5f755aa8621b7eb9bc849dd7a3e784575b4de5b3a2a79eb2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 04:44:55 GMT
server
nginx
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-07-06T08:53:01+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:53:01 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-07-06T08:53:00+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:53:00 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-07-22T11:48:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 23 Jul 2023 11:48:27 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-22T11:48:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 23 Jul 2023 11:48:27 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sun, 24 Jul 2022 04:44:55 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-22T11:48:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 23 Jul 2023 11:48:27 GMT
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECW4v3uUzyFgzFIea4C8v4c&google_cver=1
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECW4v3uUzyFgzFIea4C8v4c&google_cver=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESECW4v3uUzyFgzFIea4C8v4c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEJhXNNyg5WhpBmORi6UqJCQ&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=OTRhMDI5ZDdhYjFkNDJhN2FjYWRhZTEwM2M1ODQ1ZTc=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEA0nOTw4HvbW_qRITdMHkDE&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=94a029d7ab1d42a7acadae103c5845e7
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D94a029d7ab1d42a7acadae103c5845e7
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d7a477c-e4c3-4567-a395-5cf6dd430828
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d0049ce-5b43-4100-8c60-a7e9447c0f77
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D94a029d7ab1d42a7acadae103c5845e7
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT, Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Sun, 24 Jul 2022 04:44:56 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 9FE3 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=91722525464651520&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6175
date
Sun, 24 Jul 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 24 Jul 2022 05:02:00 GMT
branding
a4p.adpartner.pro/ Frame 9FE3 		1 KB
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=91722525464651520&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
865b46a519ec726714390fae540f3b0538748f04b628a23dd70a7e5add01eed7

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=91722525464651520&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 1409
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
1 KB
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=1954996805776676.5&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%229ca99f09-2b3f-88bc-2bfa-3b38f285dde4%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d297f68-7456-49d7-e055-25f2fd63bed2%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bbeca1c0c7513a60e5ca1bf62e0215b3dc3cf3ea116918b43dce1704d72cbac7

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
expires
Sun, 24 Jul 2022 04:44:56 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 24 Jul 2022 04:44:56 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
sync.html
s.adtelligent.com/ Frame F0B7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=1954996805776676.5&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%229ca99f09-2b3f-88bc-2bfa-3b38f285dde4%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d297f68-7456-49d7-e055-25f2fd63bed2%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.150.210 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d590ac8cfe5b4ad0b92bf635ed9e6399ddc8a70550e86e818b4c3d6cdd3a4705

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1259
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame E4C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=1954996805776676.5&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%229ca99f09-2b3f-88bc-2bfa-3b38f285dde4%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226d297f68-7456-49d7-e055-25f2fd63bed2%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
1px-matching-go2net.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
ImgSync
image8.pubmatic.com/AdServer/ 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMf2lynH%2FN1fPQVlsFYktlDZLGW9iWdCJZ55HGOTSjOGj9E4g7h%2F0GzDl1yEkGRCAbi9TcmBcfhzsE%2F31mCeTWRRaRLiJSC8MGuWkzRBoIIsIdeuVX%2Br45GYmZowHnIK8t5XaASoI4k3sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB
cache-control
no-cache
cf-ray
72fa00e539e771e0-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:55 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
1px-matching-admixer.gif
m.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D94a029d7ab1d...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c
  • https://x.bidswitch.net/ul_cb/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=5df0ab9c-0b0b-11ed-8d99-801844df107c
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=lemma&bsw_custom_parameter=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=c3e395b0-7b66-4318-b749-c0b3f93ccb3e&expires=1&user_group=5&ssp=lemma&bsw_param=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=94a029d7ab1d42a7acadae103c5845e75df0ab9c-0b0b-11ed-8d99-801844df107c
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=94a029d7ab1d42a7acadae103c5845e75df0ab9c-0b0b-11ed-8d99-801844df107c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=94a029d7ab1d42a7acadae103c5845e75df0ab9c-0b0b-11ed-8d99-801844df107c
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6c7a823d-44a3-52cd-8828-978feaf459c7
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6c7a823d-44a3-52cd-8828-978feaf459c7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6c7a823d-44a3-52cd-8828-978feaf459c7
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:56 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
idsync
idsync.admixer.co.kr/ 		43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24-Jul-2022 13:44:57 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
sync
t.adx.opera.com/ 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=94a029d7ab1d42a7acadae103c5845e7
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=94a029d7ab1d42a7acadae103c5845e7
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.200.118.76.144.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=94a029d7ab1d42a7acadae103c5845e7
date
Sun, 24 Jul 2022 04:44:56 GMT
server
nginx
etag
W/"bf4f9c5d8b1b73da1a0246b3799aaaafda8e3e4ab4993ea54d4aa2ecfbc4bb8a"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
  • http://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
56 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.16.0
content-type
image/gif
expires
-1

Redirect headers

Location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z0D330FFFA74452C9B3473970A9754E5&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx/1.13.0
Connection
keep-alive
X-debug-message
A test
Content-Length
185
Content-Type
text/html
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CNdWnBJE2uFhMrvY9OU1yOM_UnBFiuO0xuphPWE-~A
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CNdWnBJE2uFhMrvY9OU1yOM_UnBFiuO0xuphPWE-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-CNdWnBJE2uFhMrvY9OU1yOM_UnBFiuO0xuphPWE-~A
date
Sun, 24 Jul 2022 04:44:56 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=94a029d7ab1d42a7acadae103c5845e7&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=94a029d7ab1d42a7acadae103c5845e7&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3b18a1ea-502a-4da7-890d-0fc5e4f5e312&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&consent=&gdpr_pd=
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=44329cdd-3c0d-42bd-a5b9-9c10096cfdd7&gdpr=&consent=&gdpr_pd=
Date
Sun, 24 Jul 2022 04:44:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=94a029d7ab1d42a7acadae103c5845e7&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
adspend-sync
adx.com.ru/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=94a029d7ab1d42a7acadae103c5845e7
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=94a029d7ab1d42a7acadae103c5845e7
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62dcce4905f7084a09b3294d%26d...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D62dcce4905f7084a09b3294d%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D64...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=62dcce4905f7084a09b3294d&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=68276619618D13186AD8&uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62dcce4905f7084a09b3294d?sign=bc3c2009&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3Dhttps%253A%252F...
  • https://an.yandex.ru/mapuid/dmpmediadesk/62dcce4905f7084a09b3294d?redir-setuniq=1&sign=bc3c2009&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D62dcce4905f7084a09b3294d%26dest%3...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62dcce4905f7084a09b3294d&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62dcce4905f7084a09b3294d%26i%3D1558689590172652147%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=62dcce4905f7084a09b3294d&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D62dcce4905f7084a09b3294d%26i%3D1558689590172652147%26r%...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=62dcce4905f7084a09b3294d&i=1558689590172652147&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3...
  • https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&a=224&e=62dcce4905f7084a09b3294d&i=1558689590172652147&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f45...
  • https://cm.g.doubleclick.net/pixel?google_nid=crossmedia_ddp&google_cm=&code=224&ts=E4hlWdU1JX1BZcK7AwsZ&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100...
  • https://dmg.digitaltarget.ru/awg/7162?a=155&e=CAESEDHb8npRI_GzF_rZCc5jrfk&ver=1&google_error=&code=224&ts=E4hlWdU1JX1BZcK7AwsZ&redirect=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62dcce4905f7084a09b3294d&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62dcce4905f7084a09b3294d%26nc%3D843499958...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=62dcce4905f7084a09b3294d&ru=https%3A%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D62dcce4905f7084a09b3294d%26nc%3D843499958...
  • https://cm.p.altergeo.ru/spnd?aid=62dcce4905f7084a09b3294d&nc=8434999580856941833&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62dcce4905f7084a09b3294d%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://cm.p.altergeo.ru/spnd?aid=62dcce4905f7084a09b3294d&nc=8434999580856941833&url=https%3A%2F%2Fadx.com.ru%2Fadspend-sync%3Fuid%3D62dcce4905f7084a09b3294d%26r%3Dhttps%253A%252F%252Fan.yandex.ru...
  • https://adx.com.ru/adspend-sync?uid=62dcce4905f7084a09b3294d&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.ma...
  • https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounte...
0
0
loader2.js
scripts.go2net.com.ua/scripts3/ Frame CF9E 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc33
date
Sun, 24 Jul 2022 04:44:56 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-20T21:01:25+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Tue, 17 May 2022 20:48:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1E3A 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ac276e5e7f10c691a5d0f6069a70d835c23e812d5788a78b6502d1cd7bb69ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51738
x-xss-protection
0
server
cafe
etag
9904012874713581559
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
media
a4p.adpartner.pro/ Frame B059
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=01d05bdd-edfb-499a-bf7e-fb9492eeef9d&hp=1048539382&page=zdorovia.com.ua%2F&pvid=84db1236-88fc-4d4c-a3da-94b45d90d05e&inst=ADS-EU-6&ts=637942346958366448&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=ca988afd-48be-4f32-8f3a-551af33c35be&hp=1048539382&page=zdorovia.com.ua%2F&pvid=84db1236-88fc-4d4c-a3da-94b45d90d05e&inst=ADS-EU-6&ts=637942346958366448&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame 2CCD 		962 KB
963 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Tue, 25 Jul 2023 04:44:56 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=430d3738-0c0f-4ffc-974b-7d8acdc2fab9&hp=1048539382&page=zdorovia.com.ua%2F&segments=4%2C2%2C494&ts=637942346958366448&ap=MA%3D%3D&asign=-1482125469&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=84db1236-88fc-4d4c-a3da-94b45d90d05e&ip=217.138.196.107&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=7735914e-b147-4aaa-87ba-987a8d0a038d&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d24d0f90-d2e6-44b9-b899-80d32234e22c&inst=ADS-EU-6&ts=637942346958921383&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 8D4D 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:56 GMT
expires
0
pragma
no-cache
server
nginx
c.html
cdn.admixer.net/scripts3/46506/ Frame 68A9 		738 B
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
c.html
cdn.admixer.net/scripts3/46506/ Frame 4365 		738 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
dsp.aspx
ads.go2net.com.ua/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2469883405747304&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bc17c641-3b32-2204-1cfc-b76bcbd189d8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22dcce0617-8760-c520-7005-1457119e05cd%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
38a87c1e66e4e88ad2b264bae1b0a7f138816be2bb4c3870860d2e9a22dd8f67
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2075
X-Xss-Protection
0
ptag
a.audrte.com/ Frame 1409 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9b87d0b5fc7f669ba409eb31092c9f10bcecd54262acf8cec47fb474f35c23b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 1409 		566 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 23 Jul 2027 04:44:56 GMT
um
u-ams02.e-planning.net/ Frame 1409
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc517f48cde9837b9%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fdc%253D8103fa85295fbe60%2526fi%253Dc517f48cde9837b9%2526uid%253D%2524UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c517f48cde9837b9&uid=4796792589496994157
42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c517f48cde9837b9&uid=4796792589496994157
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
5.178.65.246 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e6790b9f-ace4-4c3e-8fa9-27c8248ce8b6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=c517f48cde9837b9&uid=4796792589496994157
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame CCD7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:56 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:56 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 31BA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc517f48cde9837b9%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40780
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3419 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame B535 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 0803 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bea645d2c45d44d35ebb8d0e72ce7053b10f918d5f1536bd825a1875fb34fa2

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72fa00e4ac71020d-ZRH
content-encoding
br
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
getuid
ib.adnxs.com/ Frame 0803 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 0803 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=bc1360cc-b5d1-42a8-b6dd-5d360b0335c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=bc1360cc-b5d1-42a8-b6dd-5d360b0335c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e6bda1020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=bc1360cc-b5d1-42a8-b6dd-5d360b0335c5&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 0803 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 0803 		70 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 0803 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 varnish
server
nginx
x-timer
S1658637897.695802,VS0,VE24
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6926-MXP
u
dmp.v.fwmrm.net/ad/ Frame 0803 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f608:78e4:ddc4:e083:81a6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0803 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af905-f248-4dd7-7dce-ed1d45138a19%26reqId%3Dd2e18774-f5fa-4eb4-6672-5abef6c79982%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=4e82e3c8-6a04-4ed2-a31e-85e8f2d0458b&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4e82e3c8-6a04-4ed2-a31e-85e8f2d0458b&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e84edc020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=4e82e3c8-6a04-4ed2-a31e-85e8f2d0458b&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=450af905-f248-4dd7-7dce-ed1d45138a19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=450af905-f248-4dd7-7dce-ed1d45138a19&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=71573886031389824132527754512650670347&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=71573886031389824132527754512650670347&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e70de8020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v037-03e81d370.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gEPO6mFIQsU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=71573886031389824132527754512650670347&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 0803 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7123795519236995220&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-...
95 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7123795519236995220&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e67d81020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7123795519236995220&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 0803 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=450af905-f248-4dd7-7dce-ed1d45138a19
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=450af905-f248-4dd7-7dce-ed1d45138a19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=450af905-f248-4dd7-7dce-ed1d45138a19&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=0gAPb9yyM5jd0GwNKiOlLu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=0gAPb9yyM5jd0GwNKiOlLu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e7be65020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
via
1.1 google
last-modified
Sun, 24 Jul 2022 04:44:56 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=0gAPb9yyM5jd0GwNKiOlLu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e95f62020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=450af905-f248-4dd7-7dce-ed1d45138a19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=450af905-f248-4dd7-7dce-ed1d45138a19?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-667...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e83ecd020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.26.10
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-BTo7OjZE2oqS9baPJ.a7.OSyFssEJhr1qg--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-BTo7OjZE2oqS9baPJ.a7.OSyFssEJhr1qg--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e91f3a020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-BTo7OjZE2oqS9baPJ.a7.OSyFssEJhr1qg--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=lwS6x6TnrYoYh6EQFk3N3qo9mqekdomj%2BS41iYitP1U%3D
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=lwS6x6TnrYoYh6EQFk3N3qo9mqekdomj%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00e80ead020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:56 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=lwS6x6TnrYoYh6EQFk3N3qo9mqekdomj%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 0803 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 0803 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.17.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1658637897
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 0803 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtzOSQAAAX_iYAAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5ab...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtzOSQAAAX_iYAAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&_test=YtzOSQAAAX_iYAAK
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00ea0fde020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658637897.248608,VS0,VE0
x-served-by
cache-lcy19243-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtzOSQAAAX_iYAAK&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&_test=YtzOSQAAAX_iYAAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 0803 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-12.fra56.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
KrvFyNI6Ep-vXXedxPdoazMVJxNPQBu7bX4DZi4F2TDJMtNsEls0mg==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame 0803
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O-cbyen2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=450af905-f248-4dd7-7dce-ed1d45138a19
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=450af905-f248-4dd7-7dce-ed1d45138a19
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.252.17.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-17-141.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1658637897
x-served-by
beacon-n016-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=450af905-f248-4dd7-7dce-ed1d45138a19
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00eb289c020d-ZRH
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0803
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dc...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dc...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DNVY1CBJQXV48GQVY0N2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7TBPZK9DTJ6ZRSB9GBYB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=450af905-f248-4dd7-7dce-ed1d45138a19&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 0803 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=450af905-f248-4dd7-7dce-ed1d45138a19&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.3.108.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-242.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 0803
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00eae86e020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
date
Sun, 24 Jul 2022 04:44:57 GMT
cross-origin-resource-policy
cross-origin
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 31BA 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82898326&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc517f48cde9837b9%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame CCD7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33141
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1409 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 05:49:43 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
82514
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
1UigIDL3pOMtFDwu-eleeMzJHkL5M8Ekz3nt_SksUMDX9Uk-0l7mlA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 1E19 		636 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:56 GMT
etag
W/"601b131c-27c"
expires
Fri, 23 Jul 2027 04:44:56 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame 2DFA 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ANqxpiOEYKmjGHUN
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Jul 2022 04:44:56 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
khaos.jpg
token.rubiconproject.com/ Frame CCD7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame 1E19 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658637896786
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame 2CCD 		962 KB
963 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.28.167.114 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
167-114.admixercdn-s2.cc.colocall.com
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Tue, 25 Jul 2023 04:44:57 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CCD7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
media.min.js
a4p.adpartner.pro/apstc/ Frame B059 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 71A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:44:57 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame BB17 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
175573b8f407972250d72536050be84e0e4fd86686260482ae4e87d8956ce21a

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 04:44:57 GMT
server
nginx
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame 1E3A 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03d37c6349d258edf301a3614fd4f767796ed45b643828e5102c3ea9d7d6da8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123111
x-xss-protection
0
server
cafe
etag
14530532412032361152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/ Frame 8A67 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220721/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
46945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 15:42:32 GMT
etag
8616628553774171045
expires
Sat, 06 Aug 2022 15:42:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=ca988afd-48be-4f32-8f3a-551af33c35be&hp=1048539382&page=zdorovia.com.ua%2F&pvid=84db1236-88fc-4d4c-a3da-94b45d90d05e&inst=ADS-EU-6&ts=637942346958366448&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=430d3738-0c0f-4ffc-974b-7d8acdc2fab9&hp=1048539382&page=zdorovia.com.ua%2F&segments=4%2C2%2C494&ts=637942346958366448&ap=MA%3D%3D&asign=-1482125469&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=84db1236-88fc-4d4c-a3da-94b45d90d05e&ip=217.138.196.107&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
media
a4p.adpartner.pro/ Frame BB17 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
66148a6c99dd99eba843f7569fc49021913d5f69283f39e65d39649917521d63

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
media
a4p.adpartner.pro/ Frame 2B2C
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
cm-notify
creativecdn.com/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT, Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
pic.gif
pa.tns-ua.com/bug/ 		56 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.16.0
content-type
image/gif
expires
-1
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/ 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=94a029d7ab1d42a7acadae103c5845e7&redir=[RED]
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
setuid
ib.adnxs.com/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=533&code=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6307ef5-6e82-42f2-abad-4edb86eb1459
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
t.adx.opera.com/ 		35 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame F1DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2469883405747304&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bc17c641-3b32-2204-1cfc-b76bcbd189d8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22dcce0617-8760-c520-7005-1457119e05cd%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame CB97 		1 KB
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2469883405747304&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bc17c641-3b32-2204-1cfc-b76bcbd189d8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22dcce0617-8760-c520-7005-1457119e05cd%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
7a93d212ee0ac18acb536f2aecc77b821794d221d3127d8f0e820b1a926c6d58

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
Sun, 24 Jul 2022 04:44:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
sync.html
s.adtelligent.com/ Frame 3884 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2469883405747304&cpv=44d22dbc-109a-db8a-f1a3-e54be9a0c811&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bc17c641-3b32-2204-1cfc-b76bcbd189d8%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22dcce0617-8760-c520-7005-1457119e05cd%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.150.210 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d39c424dbdca7d33722bad2ae2d7f02006d6a7be9e71d8085cce99599cbdd149

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1266
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
ev_view.aspx
ads.go2net.com.ua/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=94a029d7ab1d42a7acadae103c5845e7&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=9d62c7fd-d09e-4568-8e37-681e659fbc27&hp=1048539382&page=zdorovia.com.ua%2F&pvid=d24d0f90-d2e6-44b9-b899-80d32234e22c&inst=ADS-EU-6&ts=637942346971847366&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pixel
ap.lijit.com/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
mmr445.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sfaf25.gif
us.ck-ie.com/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sync.html
s.console.adtarget.com.tr/ 		63 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
ptag
a.audrte.com/ Frame CB97 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9b87d0b5fc7f669ba409eb31092c9f10bcecd54262acf8cec47fb474f35c23b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame CB97 		566 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:56 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 23 Jul 2027 04:44:56 GMT
usync.html
eus.rubiconproject.com/ Frame EFC3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:57 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D85E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40779
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 0324 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 765C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4A9C 		322 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad22138ad199af386c214affea8d76c776a7bc79c16ec14f8c051791afdb533b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72fa00ea2fef020d-ZRH
content-encoding
br
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
mw
mwzeom.zeotap.com/ Frame 4A9C
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=306ac624-cb7f-4b4a-619f-e7bb4e53238a&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=306ac624-cb7f-4b4a-619f-e7bb4e53238a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00eb289a020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=306ac624-cb7f-4b4a-619f-e7bb4e53238a&zdid=1361
date
Sun, 24 Jul 2022 04:44:57 GMT
cross-origin-resource-policy
cross-origin
content-length
0
usync.js
eus.rubiconproject.com/ Frame EFC3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33140
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 00C3 		668 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiMzVhZDBiZDAtOGFhYS00M2E4LTllYjItY2U3ZmIyN2EzNzQ0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc2b73b037b8727c2a6c15e1be02a1fb2&showId=35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 49C9 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 71E9 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%252235ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame CB97 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 05:49:43 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
82515
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
HweIxOAnex-d-37H-nF0ZoWgyFNhGmet8gpDU-0iuMelNCFOgkgP0Q==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D0A2 		636 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"601b131c-27c"
expires
Fri, 23 Jul 2027 04:44:57 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame 9742 		43 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ANqxpiOEYKmjGHUN
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Jul 2022 04:44:57 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1E3A 		219 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
8715480336d368deed57f6f516a2ece4a0ddd8b09bdbd63216fa0201659af937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 1E3A 		107 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1E3A 		107 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9061 		23 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a71697f8babbf6452209b1be5cb48f87078c71fb57137c4ece9f77df455ebc97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11535
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1E3A 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34625ede3b3644abfc00e40147a80485bfe61312a2915aa8afac90eb0d104668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10866
x-xss-protection
0
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame A470 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_91722525464651520&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4dc98c99-0cb3-462e-95f8-eee568b84a34%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daade5f05861219fcbe6685013d1dfd54
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
khaos.jpg
token.rubiconproject.com/ Frame EFC3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
media.min.js
a4p.adpartner.pro/apstc/ Frame 2B2C 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame E12D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:44:57 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 1085 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
325ec957f575f1846f632c9a71cd599f2294e0920525088bf49acf87b82f1bdd

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 04:44:57 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 58C4 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 2F18 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224dc98c99-0cb3-462e-95f8-eee568b84a34%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
GS.d
js.cookieless-data.com/ Frame D0A2 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658637897509
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 00C3 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiMzVhZDBiZDAtOGFhYS00M2E4LTllYjItY2U3ZmIyN2EzNzQ0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dc2b73b037b8727c2a6c15e1be02a1fb2&showId=35ad0bd0-8aaa-43a8-9eb2-ce7fb27a3744&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9c2a2bb3b98dc1b694b769c314d129f3b817e8eaa0f4ad03f50ebeffdd57a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40123
x-xss-protection
0
server
cafe
etag
15297488894015240569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A470 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_91722525464651520&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4dc98c99-0cb3-462e-95f8-eee568b84a34%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daade5f05861219fcbe6685013d1dfd54
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4ebcbd69f2f140f399a968b1a70b5a37f076a90a15c987e1354d722951c16dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40124
x-xss-protection
0
server
cafe
etag
6744614370703942132
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1E3A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
media
a4p.adpartner.pro/ Frame 1085 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
5a7f805a6bc1154a08c69b3a6adb318a6e709dc656add8748261c72eddde5750

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
ptrack
a.audrte.com/ Frame CB97 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.107&p=M1353665098&artime=2022-07-24T04:44:57.658Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
52e1b59467c38275e8528ce053be985ed7d5bf29b21bd4e4db70ac7f72f8a1a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame CB97 		155 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 23 Jul 2022 10:05:00 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
67198
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
F5QhMIOjOLxP_EN3_zerXHTRYhgsvwrgWN5VXxqnfvRQG-ceQxjlYQ==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame 00C3 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22a9f62ea5eec60503b84a375c1b571103dab87cb0ecec5f1c5aa4f8636adc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123117
x-xss-protection
0
server
cafe
etag
4251537852265946851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame A470 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de769643ad3b9ae7fa9c164ec7821f776997b7dac6098886c270bf972ad8f032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123111
x-xss-protection
0
server
cafe
etag
9476915814204175470
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:57 GMT
sync.html
s.adtelligent.com/ Frame 4000 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.150.210 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 7607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:57 GMT
Etag
9e5feeef637c5eaf
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
45e16bad-733c-4126-92ce-eec507f69daf
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Jul 2022 04:44:57 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
/
onetag-sys.com/usync/ Frame 2401 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 56C1
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=6b3a4394-773a-43e2-8175-3080ddabe572
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=6b3a4394-773a-43e2-8175-3080ddabe572
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:57 GMT
Etag
9e5feeef637c5eaf
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72fa00ed6b590221-ZRH
content-length
0
date
Sun, 24 Jul 2022 04:44:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=6b3a4394-773a-43e2-8175-3080ddabe572
server
cloudflare
/
ads.us.e-planning.net/uspd/1/ Frame 1298 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
825cd79ab23261f80590f157de7ba6b3a01ea84c925d041d5db54f94c5345970

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
Sun, 24 Jul 2022 04:44:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
d
ic.tynt.com/r/ Frame 9ECB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame CAD4 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA16 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40779
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
pixel
ap.lijit.com/ Frame 3884 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 3884
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
date
Sun, 24 Jul 2022 04:44:57 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 3884
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c9137c1e-f2c6-42cb-94d9-a8d515b282be
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3884
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 3884
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658637897804
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289798569
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289798569
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
RXae8b713dcf014886a9976f5fdbc6da28003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5289798569
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 3884
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
k1ppphfd272qvptg6nmb3neu2n9clf61
sync
vid.vidoomy.com/ Frame 3884 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 3884
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
cookie
cm.adform.net/ Frame 2811 		43 B
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:58 GMT
server
nginx
csync
sync.adtelligent.com/ Frame CAD4
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
VertaMedia 1.0
Etag
f2ac8a999c60a276
Content-Length
0
ptag
a.audrte.com/ Frame 1298 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9b87d0b5fc7f669ba409eb31092c9f10bcecd54262acf8cec47fb474f35c23b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 1298 		566 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 23 Jul 2027 04:44:57 GMT
usync.html
eus.rubiconproject.com/ Frame 5CDB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:57 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DCC4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40779
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 85A6 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 9469 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame DFC5 		322 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80acef942119ac8bdd7c7227e7bf664ad569cac24b6ff0695ef2e0c86a8a813b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72fa00ed29d3020d-ZRH
content-encoding
br
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sync.html
s.console.adtarget.com.tr/ Frame F675 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame ABF2 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.150.210 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
788
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CE51 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40779
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
onetag-sys.com/usync/ Frame F8C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame F0B7
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ie2qt14fvsv52qeghcdcklpv73gcenq1
csync
sync.adtelligent.com/ Frame F0B7
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=e9e5c140-aef9-49a3-a58a-68590f13d646
date
Sun, 24 Jul 2022 04:44:57 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame F0B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:57 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
16d56bb8-7564-4ad3-ab73-8e4bd0b7329d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4796792589496994157
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame F0B7
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sync
vid.vidoomy.com/ Frame F0B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
ads.us.e-planning.net/uspd/1/ Frame 6256 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
825cd79ab23261f80590f157de7ba6b3a01ea84c925d041d5db54f94c5345970

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
Sun, 24 Jul 2022 04:44:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-606
generic
match.adsrvr.org/track/cmf/ Frame F0B7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658637897803
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2203770994
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2203770994
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
RXae8b713dcf014886a9976f5fdbc6da28003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2203770994
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
d
ic.tynt.com/r/ Frame 5C7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame 4FFE
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=850b0236-402c-480c-80a6-b7e63113c58c
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=850b0236-402c-480c-80a6-b7e63113c58c
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:57 GMT
Etag
9e5feeef637c5eaf
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72fa00ed6b5a0221-ZRH
content-length
0
date
Sun, 24 Jul 2022 04:44:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=850b0236-402c-480c-80a6-b7e63113c58c
server
cloudflare
csync
sync.adtelligent.com/ Frame 9844
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:57 GMT
Etag
9e5feeef637c5eaf
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
0cb87005-2fa0-4cf7-b21a-80eb8c685308
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Jul 2022 04:44:57 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4796792589496994157
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
csync
sync.adtelligent.com/ Frame F0B7
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
0
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=94a029d7ab1d42a7acadae103c5845e7
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame F0B7 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:57 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
data
bcp.crwdcntrl.net/6/ Frame CB97 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.26.54
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
integrator.js
adservice.google.co.uk/adsid/ Frame 00C3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 00C3 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DCE5 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897664&bpp=14&bdt=178&idt=149&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6956674929435&frm=8&ife=1&pv=2&ga_vid=1485705132.1658637898&ga_sid=1658637898&ga_hid=233276771&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3975512580&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44763505%2C42531605&oid=2&pvsid=2285910530696082&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2hr25cuqubpf&fsb=1&dtd=163
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 5D61 		668 B
586 B 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F9b394fa9-f974-4c91-bcd7-47a639a36d3b%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiOWIzOTRmYTktZjk3NC00YzkxLWJjZDctNDdhNjM5YTM2ZDNiIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D115f7c6282d3e7fed0f7f4cd1d8d0bd1&showId=9b394fa9-f974-4c91-bcd7-47a639a36d3b&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
integrator.js
adservice.google.co.uk/adsid/ Frame A470 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A470 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A951 		58 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b1d7c70a23972467375b9b296dd772a56f929838e1a7ef619cc4848bd656cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
25084
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ptag
a.audrte.com/ Frame 6256 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
9b87d0b5fc7f669ba409eb31092c9f10bcecd54262acf8cec47fb474f35c23b5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 6256 		566 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 23 Jul 2027 04:44:57 GMT
if
a4p.adpartner.pro/tracker/ Frame 31EE 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 8101 		0
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522d5e5197c-7a1e-4a78-9da1-4863af3b4d9d%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25229b394fa9-f974-4c91-bcd7-47a639a36d3b%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:57 GMT
expires
0
pragma
no-cache
server
nginx
mw
mwzeom.zeotap.com/ Frame DFC5
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=2760699e-84d8-458e-7723-e7dd637b1fe5&zdid=1361
95 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=2760699e-84d8-458e-7723-e7dd637b1fe5&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00ee8ab7020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=2760699e-84d8-458e-7723-e7dd637b1fe5&zdid=1361
date
Sun, 24 Jul 2022 04:44:57 GMT
cross-origin-resource-policy
cross-origin
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9061 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B8b1LDK1gdlNRXboWHCRvVKWdh026hL9h1slSvmArM13leaYXIIKWjxOgVPhxDmXHCRsEXpTnDNzegI54JJpQJOEK1InbQRfLFagxl6XPrloNA0Vs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 9061 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 03:42:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3731
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 03:42:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9061 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 9061 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:08:38 GMT
l
www.google.com/ads/measurement/ Frame 9061 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnrr9LKxc6cwZuK-fFd76AkPZfUUhnXJAfdc5WNYJ4vs-z6LPGEcb4D5_I8fjuyDHCfaEN1ensrB3Q0dNNPQ0udx0OPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 5CDB 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33140
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
cookie
cm.adform.net/ Frame 2B8D 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 24 Jul 2022 04:44:58 GMT
server
nginx
csync
sync.adtelligent.com/ Frame F675
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2ac8a999c60a276
Date
Sun, 24 Jul 2022 04:44:57 GMT
Server
VertaMedia 1.0
Etag
f2ac8a999c60a276
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5883 		58 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99721769d14ff36caac1221fe74b73328c439dcc8b9e3936cf53787771517f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
25191
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 1135
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:58 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 345E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D14a719581c14a7e1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40779
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9FAD 		1 KB
989 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
46
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:12 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
58.812
x-cf-tsc
1641922259
x-cf1
29080:dC.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 9932 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4CE3 		322 B
687 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77932328acb596d182b091fc4841a570ca9b1ca14a858dfd1cbd00dc6d908ad1

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72fa00ee5aa0020d-ZRH
content-encoding
br
content-type
text/html
date
Sun, 24 Jul 2022 04:44:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
pixel
googleads.g.doubleclick.net/xbbe/ Frame C108 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9061 		31 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLokEcQFhCwYOg4OZ9Ght8f-IPxoqr8fYgm1rVrtVJeQ2AIvnSEo2InGYCIiOJfuCY6lDVBKB008h8Ikfvkd6YuXJMYAOMyj8EBVwEGG2g6ecKlaCY5rYeFHLvzZczDMbPFFTIb7JhEeGTbF3kqsST2MMufw&dbm_d=AKAmf-Agf5uJlEONcEh9NZYMqgPlim5o6yDZ3XuDCB5eK6WTGZ3CgQjSwwcWiyeeLcgEqObKEDE3xrIv_SuaK2M4fG2kJOyEZAOlGeiyMg9oYYxg-szCATjlk4Z_iBrJvDqD9CCCWy8m6_DfRuEzRGJNxs8F6uXaSTxzGc-_RZbp3Z6NPOCtwmaZX_QjQDYN2xlVifWyx5_zb5CfPckYPrRCkLuX11OX229y-7uRtfDO3WO1l-EoFSXGGbnqBk5twc04Cslhe3Q7wTbUEs_982Fd2NqciAAzi4ItKEHyxxFBojDnKH6nApnARV1m_EcbroLkNDliF9C68mLIpwlqh7WOUO4z4M06l1HddD8t2Ay8OO3hV31LWfW9HNDapVxCeJdZAxUSJ3SpO3r5wD6SnCCa7yDxWN2OeAnM7jIzWq-Hv619lhcgotYOwR-9yoiNxCICmO28L39NiE05G__lEwsjbCa2Y-TjvRiuAFkxQmC2UE68OqLjiuJU7WwHNFAZdFekoTWL026isKaL1i1aNGandCnqgtf1ErCgCNQMh-0RLmLrX_z3fGHD0s-L6cfHxMqsdwOMUpyoVhCntfJpPDPaSMdunPETlCVaMRMpOkWswa7czBojk-6sWIxNqIPNyQi21ZpfD3qCR6OruYWu95zrFq-wr4IpeGzoPRkdJwc4V8YZW6NBTOueJglu_th5ZW9EHJrD1jrCdfghC7rjl8GDy6mIdwgjEPZWToGiQ32s08TZyviXVMLawosiZv42gFbFw61F1PMF7WHVsCeyAq4iUDKRSLL3ggLdIueAhKUjsa-OO3A_KgGqVY9O3214Px9VptM7j_GsXxE8qW4qiyRMiDjiVKnOZuEQKYQ0LWBogHdh-DGxStIMsZEgDbsddisSFDLOdQmmxRwezpcQGkEvLqAK9iPQ_0nL0gHo7745L0QqN-iw0FDhR0f5sVYRlT9eTOMG30Ew4jrEM8DNeu3d_Ld88Ktw4voUO6SC2eUqJ-K9pJ8qWEZww0ov1D6MiS3eWn2Vbkw75cr2R71woNnxhS6n83AE3TUDBzpshlbJ7pHrG_6FMBXNWWC9I0LWfuU5rJxBvyt7qlsJzy2N1-cFZ4OJ93rZplIO4E7NMSkCoffvTDHWKlzPmG1VTLlYagziFPX8kxrreE_Ju7JMoN9TsMh2aoUnZ7HrXYcqSVb966FULJSs-bcdYivz6ibMJ5LMpA6MbfjFVj5bfJubhaJlsOAUuDbzrnp0lLHslBe7FPyE4gGo6rSYBZEC1091gVhL6rdZ0A1IDbo2yy7qu12OzIRR5jbNXzJe4ACfNFZnE9CoTnMl3FDuDSenT5IREAsecTLC6CTak2kna67_xEeHRAlNqW3J7ftckc2JNdM8aM6vEUhAkK9wuLuhoQGkqCLoXSemtbxlu1a3zNnjSK8NTLmNkgLMbSh1eydLyGy_UaB6WGBTiKb_gYKvTiZqrzu-UNB4hmNfSbYLRPW4VF52-l3mJPNHrmknDwyFQtrcjCEx0n3gkrJMrCgdjtGXdSNA6Cp6PXrhm8FpMw0HSpN2_befACJtgspiduHZqjpj0qJhMUC87-iMl6aZrmurMilPvM-N_OQSjN8595uGAi9eJ3wi8EZK923F62ybsEONoGaMkhFeKPEJ892cDYWSSEl9UMNeBVyDFHfHcDfkgq-4lptUzMpFMkFxrX2UuSCZD5DtGg4ezDqVJYqEZ07fgcf0nRzI5upJ6a1uO3NSeFDap_QcTZJ7vjH4jUKtxhg5aoBLIbke5LHRC2f-vx_JMcWQ1Lk2G93VA8k0HnTa2ly0Q4o2c334T-BSwCDSJBGzzRKNXgsBDxDbjZEaSxP83jj6fbFHHHcdPo9OPrgl9d9CFr2j2d1CUj_R7DjBLOAwRTRa5xvFi0d75FbxOZl2oqXFRsdjJuw1WO5FqvcMEbTdBqU9YFy4vazfijTJXme0P6A23thzQrkHnFbpr7vDYHa_HCkyIYA1bm0prTDpROJ6yKjF5F2gdzmyWQfipUomVWgYMpGkGENv2Fc_am40VNhO10OLUijpg830d70e6_uJs8HfFwBesa9Yd3Qqkis-Pu5CU-x5MVw1D8FmTwqhbNHFLhKUEIZeZC0Fpbr6B4vQKXgmQ_9XjNZoxnjO8EsC8-BRyn9EYI5U4z0Bi9W2d0pi9xh4tihFTSygNPnNJVtwfk8zZ9zhCbzHTyWFYyBf-V0xfdS1BVErGYE7W6G92vH7EjWGIK-DNhYX0FKiU5asEJTSToqCFuywyRu122cH-J-ShEmpNWPq03JDng7iHBAtJZzkD4a8O6cnhLUj-WSHiKqS56b1-D4gSQs61h0YQOzz-CqZSxoOxSjwo-lh6iXX0mMWcJHWGPTv7CjUJ_Hctg1A4nrstcsLs-2wPyfe15E4geFWtkTWiukVJ7wEB40OQmiqSfHt7N08B6B8TarmlLAkCKCUmfgTYmLbehRqfp0sCMhDJYrPNCiB0PLoSPx2s3sR6B8DB2-Nl1slm_Nbs0IEUEUR28_7S13MnsbYUI6glrA2SMlzR6zEUuVKgWq4zQqVq8XXtFsZe_aG0hjbxUTgWTegTV_4X7chdAsnVbasTGGbBzPkRC771JLOTz2EXb_VunHyPy8NGeNspYpL6Uhhg8oDjPOXs4jHmlH5EhGXqsXF2yp1U6S05LgMEigc78xEEKalES-m5pzkR6T0tI9rwGq5bUyxz8nA4ezZuTvxgu4xiWJgTGFAPOTbV6N9g60REdK35Ev1tW2NrAGz7APbljiwPb6n1Nah3rFGWiVis2s3YlNIObuUpmFr0NNUJ96JWm3N1PMLW-DabNoYBvxBA7Jnbn2P_VVUC0WNFYPrRjZChkcyf53Aa3yOnsBCkB9pRey_zQ5YQ3W9z1QY32kk1Wi9MUBI20M7FmYfla6CCPco7a5zcIjxuDRR-C6srScI5xAATAPguXU-bJf-2QqkFSG-aWFt0wkiAQGxUm0Fd5fikuXVliVQ-OyGhnXsb-7q5wGy65_HZamsh87J1Cs_NTyan3MgxGjXcho8hOmf_IgcMLQtai8P5EwlBz0mcnm3LJhDx39D31ca5AOGsEBvHx7AR_rciAIpSnDbSL7pF4iE3rW4pxgiXe55scM0D3RRlXm_XPqN22EF5tfnm-oF_mXLdMfwzW6Io_6MSNgXdS86NXVuGT3I_rtshKichQGlV2c2ghjYFJZCNNfmNyqNLWCjgXTBgogxb8VouHyyMKRFBM4_DY7u3_6Vk5vHsyW_4dUexgwqfdU1aDq6g2wFbd9fjDQjpc-HxTWII0fqKoM8UVk_FxTNy1KjNQMhFzqmYrrd3tPbxxRuzWYF_UkDtY2OBE-k3VmndNl8wxV3u0MDagL66rmN4GKlmdVAchL8kWqk9fO7DbU4G2JPEIGMVkJDmXqCx5XQ2tGdcLEonrqIf_sNP-m16fizTrs7xoVb7dCxB_eO9p0l_7T0rYCpx2h6MxNE2cL_H4fQwFTKy6vSz0-pUADjsV5e6K88qb0wimHEucUgjFP6ArniUVrtQNBE3gJVrACHuatyLenNDZyWaNhdr8jkqQc6wiZqbJMX5yZ8&cid=CAASEuRo3eQvJbY9DrDl07oJxRHEbQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55d081e724949aa6bfc1878e0b692f9e95e539f4422531c641f2633f5ef6b23e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18156
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
a.audrte.com/ Frame CB97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame CB97 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame CB97
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7250623845282102256
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5D61 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F9b394fa9-f974-4c91-bcd7-47a639a36d3b%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk3LCJzaG93X2lkIjoiOWIzOTRmYTktZjk3NC00YzkxLWJjZDctNDdhNjM5YTM2ZDNiIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D115f7c6282d3e7fed0f7f4cd1d8d0bd1&showId=9b394fa9-f974-4c91-bcd7-47a639a36d3b&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9c2a2bb3b98dc1b694b769c314d129f3b817e8eaa0f4ad03f50ebeffdd57a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40123
x-xss-protection
0
server
cafe
etag
15297488894015240569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:58 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5CDB 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
rum
dsum-sec.casalemedia.com/ Frame C108
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1
43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
72fa00ef6ec87768-LHR
pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5wqMgpELNgSXdo5u5ESpFx8iZyDAMrQHg8QUshJsnrFv6nXITG2wLSJyDq0ZIFqqZeX4CUYRTreGY7J9uQ6oCsn0b%2FcFSmA1gfm%2F2q06nYbb59yA8MX1XJfixmoHNe0lLkkO1C3VQumZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C108
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtzOSCIS9mHvAGg.9CuxjwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1&google_hm=2
43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
72fa00f06d5473f3-LHR
pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ap4HhI3naOBZ%2B1K9reTqat06Pi0lkAMe6cLXTt%2F4lWT6Bi1w68mx2w6u%2BkvuDR1GF0a8fAMIncojGXI2Oz5ANkCffo%2FUTN938A866j%2F3%2BnW0%2FZPHuHqYMxK%2BknzceU5QpzlaC%2BAZHotbEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHK4lJw3Yn3aB48hrA4bMA&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C108
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPPCxJ4hyITbRKhEXfDQ8V8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPPCxJ4hyITbRKhEXfDQ8V8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Protocol
HTTP/1.1
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:58 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6cd25d9e-9652-40dc-8dfa-b0e1307e7f13
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPPCxJ4hyITbRKhEXfDQ8V8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C108
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5Njc5MjU4OTQ5Njk5NDE1Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5Njc5MjU4OTQ5Njk5NDE1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARjKut3OATAB&v=APEucNW76avTiKBklMT5BcCNh0cvGRWQUlnMxy0QQMdj3as81ZKIEiSFWKVPzCClso0MlHwV9GwMk52ECn6O5cKtHMPwID9LPRdgTtGiS4Hrzdvstzt7dFAdOTAuR9IBWdrlqcTdTw419wq7j59cpBg22DyjAuKLjPcFRB7defO2i90HGg0XIlw
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:58 GMT
X-Proxy-Origin
217.138.196.107; 217.138.196.107; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
08e580d2-a851-4eb0-8793-6e81486eb888
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5Njc5MjU4OTQ5Njk5NDE1Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 1135 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33139
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
mw
mwzeom.zeotap.com/ Frame 4CE3
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D450af...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=ca71177f-786d-4597-64ae-d2be19a7bb1e&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=ca71177f-786d-4597-64ae-d2be19a7bb1e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72fa00ef4b47020d-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=ca71177f-786d-4597-64ae-d2be19a7bb1e&zdid=1361
date
Sun, 24 Jul 2022 04:44:58 GMT
cross-origin-resource-policy
cross-origin
content-length
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame 5D61 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03d37c6349d258edf301a3614fd4f767796ed45b643828e5102c3ea9d7d6da8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123111
x-xss-protection
0
server
cafe
etag
14530532412032361152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 24 Jul 2022 04:44:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 9061 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLokEcQFhCwYOg4OZ9Ght8f-IPxoqr8fYgm1rVrtVJeQ2AIvnSEo2InGYCIiOJfuCY6lDVBKB008h8Ikfvkd6YuXJMYAOMyj8EBVwEGG2g6ecKlaCY5rYeFHLvzZczDMbPFFTIb7JhEeGTbF3kqsST2MMufw&dbm_d=AKAmf-Agf5uJlEONcEh9NZYMqgPlim5o6yDZ3XuDCB5eK6WTGZ3CgQjSwwcWiyeeLcgEqObKEDE3xrIv_SuaK2M4fG2kJOyEZAOlGeiyMg9oYYxg-szCATjlk4Z_iBrJvDqD9CCCWy8m6_DfRuEzRGJNxs8F6uXaSTxzGc-_RZbp3Z6NPOCtwmaZX_QjQDYN2xlVifWyx5_zb5CfPckYPrRCkLuX11OX229y-7uRtfDO3WO1l-EoFSXGGbnqBk5twc04Cslhe3Q7wTbUEs_982Fd2NqciAAzi4ItKEHyxxFBojDnKH6nApnARV1m_EcbroLkNDliF9C68mLIpwlqh7WOUO4z4M06l1HddD8t2Ay8OO3hV31LWfW9HNDapVxCeJdZAxUSJ3SpO3r5wD6SnCCa7yDxWN2OeAnM7jIzWq-Hv619lhcgotYOwR-9yoiNxCICmO28L39NiE05G__lEwsjbCa2Y-TjvRiuAFkxQmC2UE68OqLjiuJU7WwHNFAZdFekoTWL026isKaL1i1aNGandCnqgtf1ErCgCNQMh-0RLmLrX_z3fGHD0s-L6cfHxMqsdwOMUpyoVhCntfJpPDPaSMdunPETlCVaMRMpOkWswa7czBojk-6sWIxNqIPNyQi21ZpfD3qCR6OruYWu95zrFq-wr4IpeGzoPRkdJwc4V8YZW6NBTOueJglu_th5ZW9EHJrD1jrCdfghC7rjl8GDy6mIdwgjEPZWToGiQ32s08TZyviXVMLawosiZv42gFbFw61F1PMF7WHVsCeyAq4iUDKRSLL3ggLdIueAhKUjsa-OO3A_KgGqVY9O3214Px9VptM7j_GsXxE8qW4qiyRMiDjiVKnOZuEQKYQ0LWBogHdh-DGxStIMsZEgDbsddisSFDLOdQmmxRwezpcQGkEvLqAK9iPQ_0nL0gHo7745L0QqN-iw0FDhR0f5sVYRlT9eTOMG30Ew4jrEM8DNeu3d_Ld88Ktw4voUO6SC2eUqJ-K9pJ8qWEZww0ov1D6MiS3eWn2Vbkw75cr2R71woNnxhS6n83AE3TUDBzpshlbJ7pHrG_6FMBXNWWC9I0LWfuU5rJxBvyt7qlsJzy2N1-cFZ4OJ93rZplIO4E7NMSkCoffvTDHWKlzPmG1VTLlYagziFPX8kxrreE_Ju7JMoN9TsMh2aoUnZ7HrXYcqSVb966FULJSs-bcdYivz6ibMJ5LMpA6MbfjFVj5bfJubhaJlsOAUuDbzrnp0lLHslBe7FPyE4gGo6rSYBZEC1091gVhL6rdZ0A1IDbo2yy7qu12OzIRR5jbNXzJe4ACfNFZnE9CoTnMl3FDuDSenT5IREAsecTLC6CTak2kna67_xEeHRAlNqW3J7ftckc2JNdM8aM6vEUhAkK9wuLuhoQGkqCLoXSemtbxlu1a3zNnjSK8NTLmNkgLMbSh1eydLyGy_UaB6WGBTiKb_gYKvTiZqrzu-UNB4hmNfSbYLRPW4VF52-l3mJPNHrmknDwyFQtrcjCEx0n3gkrJMrCgdjtGXdSNA6Cp6PXrhm8FpMw0HSpN2_befACJtgspiduHZqjpj0qJhMUC87-iMl6aZrmurMilPvM-N_OQSjN8595uGAi9eJ3wi8EZK923F62ybsEONoGaMkhFeKPEJ892cDYWSSEl9UMNeBVyDFHfHcDfkgq-4lptUzMpFMkFxrX2UuSCZD5DtGg4ezDqVJYqEZ07fgcf0nRzI5upJ6a1uO3NSeFDap_QcTZJ7vjH4jUKtxhg5aoBLIbke5LHRC2f-vx_JMcWQ1Lk2G93VA8k0HnTa2ly0Q4o2c334T-BSwCDSJBGzzRKNXgsBDxDbjZEaSxP83jj6fbFHHHcdPo9OPrgl9d9CFr2j2d1CUj_R7DjBLOAwRTRa5xvFi0d75FbxOZl2oqXFRsdjJuw1WO5FqvcMEbTdBqU9YFy4vazfijTJXme0P6A23thzQrkHnFbpr7vDYHa_HCkyIYA1bm0prTDpROJ6yKjF5F2gdzmyWQfipUomVWgYMpGkGENv2Fc_am40VNhO10OLUijpg830d70e6_uJs8HfFwBesa9Yd3Qqkis-Pu5CU-x5MVw1D8FmTwqhbNHFLhKUEIZeZC0Fpbr6B4vQKXgmQ_9XjNZoxnjO8EsC8-BRyn9EYI5U4z0Bi9W2d0pi9xh4tihFTSygNPnNJVtwfk8zZ9zhCbzHTyWFYyBf-V0xfdS1BVErGYE7W6G92vH7EjWGIK-DNhYX0FKiU5asEJTSToqCFuywyRu122cH-J-ShEmpNWPq03JDng7iHBAtJZzkD4a8O6cnhLUj-WSHiKqS56b1-D4gSQs61h0YQOzz-CqZSxoOxSjwo-lh6iXX0mMWcJHWGPTv7CjUJ_Hctg1A4nrstcsLs-2wPyfe15E4geFWtkTWiukVJ7wEB40OQmiqSfHt7N08B6B8TarmlLAkCKCUmfgTYmLbehRqfp0sCMhDJYrPNCiB0PLoSPx2s3sR6B8DB2-Nl1slm_Nbs0IEUEUR28_7S13MnsbYUI6glrA2SMlzR6zEUuVKgWq4zQqVq8XXtFsZe_aG0hjbxUTgWTegTV_4X7chdAsnVbasTGGbBzPkRC771JLOTz2EXb_VunHyPy8NGeNspYpL6Uhhg8oDjPOXs4jHmlH5EhGXqsXF2yp1U6S05LgMEigc78xEEKalES-m5pzkR6T0tI9rwGq5bUyxz8nA4ezZuTvxgu4xiWJgTGFAPOTbV6N9g60REdK35Ev1tW2NrAGz7APbljiwPb6n1Nah3rFGWiVis2s3YlNIObuUpmFr0NNUJ96JWm3N1PMLW-DabNoYBvxBA7Jnbn2P_VVUC0WNFYPrRjZChkcyf53Aa3yOnsBCkB9pRey_zQ5YQ3W9z1QY32kk1Wi9MUBI20M7FmYfla6CCPco7a5zcIjxuDRR-C6srScI5xAATAPguXU-bJf-2QqkFSG-aWFt0wkiAQGxUm0Fd5fikuXVliVQ-OyGhnXsb-7q5wGy65_HZamsh87J1Cs_NTyan3MgxGjXcho8hOmf_IgcMLQtai8P5EwlBz0mcnm3LJhDx39D31ca5AOGsEBvHx7AR_rciAIpSnDbSL7pF4iE3rW4pxgiXe55scM0D3RRlXm_XPqN22EF5tfnm-oF_mXLdMfwzW6Io_6MSNgXdS86NXVuGT3I_rtshKichQGlV2c2ghjYFJZCNNfmNyqNLWCjgXTBgogxb8VouHyyMKRFBM4_DY7u3_6Vk5vHsyW_4dUexgwqfdU1aDq6g2wFbd9fjDQjpc-HxTWII0fqKoM8UVk_FxTNy1KjNQMhFzqmYrrd3tPbxxRuzWYF_UkDtY2OBE-k3VmndNl8wxV3u0MDagL66rmN4GKlmdVAchL8kWqk9fO7DbU4G2JPEIGMVkJDmXqCx5XQ2tGdcLEonrqIf_sNP-m16fizTrs7xoVb7dCxB_eO9p0l_7T0rYCpx2h6MxNE2cL_H4fQwFTKy6vSz0-pUADjsV5e6K88qb0wimHEucUgjFP6ArniUVrtQNBE3gJVrACHuatyLenNDZyWaNhdr8jkqQc6wiZqbJMX5yZ8&cid=CAASEuRo3eQvJbY9DrDl07oJxRHEbQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
server
cafe
etag
4815257668744283084
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:37:03 GMT
attn.js
cdn.lamp.avct.cloud/ Frame 9061 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lamp.avct.cloud/attn.js?aid=6287731b5790a58d9a94bb89&mid=628cad665790a58d9a94bb95&mt=displayBanner&cp_placementId=340331809&cp_cmNetwork=4022&cp_geo=GBR&cp_siteId=3000708&size=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLokEcQFhCwYOg4OZ9Ght8f-IPxoqr8fYgm1rVrtVJeQ2AIvnSEo2InGYCIiOJfuCY6lDVBKB008h8Ikfvkd6YuXJMYAOMyj8EBVwEGG2g6ecKlaCY5rYeFHLvzZczDMbPFFTIb7JhEeGTbF3kqsST2MMufw&dbm_d=AKAmf-Agf5uJlEONcEh9NZYMqgPlim5o6yDZ3XuDCB5eK6WTGZ3CgQjSwwcWiyeeLcgEqObKEDE3xrIv_SuaK2M4fG2kJOyEZAOlGeiyMg9oYYxg-szCATjlk4Z_iBrJvDqD9CCCWy8m6_DfRuEzRGJNxs8F6uXaSTxzGc-_RZbp3Z6NPOCtwmaZX_QjQDYN2xlVifWyx5_zb5CfPckYPrRCkLuX11OX229y-7uRtfDO3WO1l-EoFSXGGbnqBk5twc04Cslhe3Q7wTbUEs_982Fd2NqciAAzi4ItKEHyxxFBojDnKH6nApnARV1m_EcbroLkNDliF9C68mLIpwlqh7WOUO4z4M06l1HddD8t2Ay8OO3hV31LWfW9HNDapVxCeJdZAxUSJ3SpO3r5wD6SnCCa7yDxWN2OeAnM7jIzWq-Hv619lhcgotYOwR-9yoiNxCICmO28L39NiE05G__lEwsjbCa2Y-TjvRiuAFkxQmC2UE68OqLjiuJU7WwHNFAZdFekoTWL026isKaL1i1aNGandCnqgtf1ErCgCNQMh-0RLmLrX_z3fGHD0s-L6cfHxMqsdwOMUpyoVhCntfJpPDPaSMdunPETlCVaMRMpOkWswa7czBojk-6sWIxNqIPNyQi21ZpfD3qCR6OruYWu95zrFq-wr4IpeGzoPRkdJwc4V8YZW6NBTOueJglu_th5ZW9EHJrD1jrCdfghC7rjl8GDy6mIdwgjEPZWToGiQ32s08TZyviXVMLawosiZv42gFbFw61F1PMF7WHVsCeyAq4iUDKRSLL3ggLdIueAhKUjsa-OO3A_KgGqVY9O3214Px9VptM7j_GsXxE8qW4qiyRMiDjiVKnOZuEQKYQ0LWBogHdh-DGxStIMsZEgDbsddisSFDLOdQmmxRwezpcQGkEvLqAK9iPQ_0nL0gHo7745L0QqN-iw0FDhR0f5sVYRlT9eTOMG30Ew4jrEM8DNeu3d_Ld88Ktw4voUO6SC2eUqJ-K9pJ8qWEZww0ov1D6MiS3eWn2Vbkw75cr2R71woNnxhS6n83AE3TUDBzpshlbJ7pHrG_6FMBXNWWC9I0LWfuU5rJxBvyt7qlsJzy2N1-cFZ4OJ93rZplIO4E7NMSkCoffvTDHWKlzPmG1VTLlYagziFPX8kxrreE_Ju7JMoN9TsMh2aoUnZ7HrXYcqSVb966FULJSs-bcdYivz6ibMJ5LMpA6MbfjFVj5bfJubhaJlsOAUuDbzrnp0lLHslBe7FPyE4gGo6rSYBZEC1091gVhL6rdZ0A1IDbo2yy7qu12OzIRR5jbNXzJe4ACfNFZnE9CoTnMl3FDuDSenT5IREAsecTLC6CTak2kna67_xEeHRAlNqW3J7ftckc2JNdM8aM6vEUhAkK9wuLuhoQGkqCLoXSemtbxlu1a3zNnjSK8NTLmNkgLMbSh1eydLyGy_UaB6WGBTiKb_gYKvTiZqrzu-UNB4hmNfSbYLRPW4VF52-l3mJPNHrmknDwyFQtrcjCEx0n3gkrJMrCgdjtGXdSNA6Cp6PXrhm8FpMw0HSpN2_befACJtgspiduHZqjpj0qJhMUC87-iMl6aZrmurMilPvM-N_OQSjN8595uGAi9eJ3wi8EZK923F62ybsEONoGaMkhFeKPEJ892cDYWSSEl9UMNeBVyDFHfHcDfkgq-4lptUzMpFMkFxrX2UuSCZD5DtGg4ezDqVJYqEZ07fgcf0nRzI5upJ6a1uO3NSeFDap_QcTZJ7vjH4jUKtxhg5aoBLIbke5LHRC2f-vx_JMcWQ1Lk2G93VA8k0HnTa2ly0Q4o2c334T-BSwCDSJBGzzRKNXgsBDxDbjZEaSxP83jj6fbFHHHcdPo9OPrgl9d9CFr2j2d1CUj_R7DjBLOAwRTRa5xvFi0d75FbxOZl2oqXFRsdjJuw1WO5FqvcMEbTdBqU9YFy4vazfijTJXme0P6A23thzQrkHnFbpr7vDYHa_HCkyIYA1bm0prTDpROJ6yKjF5F2gdzmyWQfipUomVWgYMpGkGENv2Fc_am40VNhO10OLUijpg830d70e6_uJs8HfFwBesa9Yd3Qqkis-Pu5CU-x5MVw1D8FmTwqhbNHFLhKUEIZeZC0Fpbr6B4vQKXgmQ_9XjNZoxnjO8EsC8-BRyn9EYI5U4z0Bi9W2d0pi9xh4tihFTSygNPnNJVtwfk8zZ9zhCbzHTyWFYyBf-V0xfdS1BVErGYE7W6G92vH7EjWGIK-DNhYX0FKiU5asEJTSToqCFuywyRu122cH-J-ShEmpNWPq03JDng7iHBAtJZzkD4a8O6cnhLUj-WSHiKqS56b1-D4gSQs61h0YQOzz-CqZSxoOxSjwo-lh6iXX0mMWcJHWGPTv7CjUJ_Hctg1A4nrstcsLs-2wPyfe15E4geFWtkTWiukVJ7wEB40OQmiqSfHt7N08B6B8TarmlLAkCKCUmfgTYmLbehRqfp0sCMhDJYrPNCiB0PLoSPx2s3sR6B8DB2-Nl1slm_Nbs0IEUEUR28_7S13MnsbYUI6glrA2SMlzR6zEUuVKgWq4zQqVq8XXtFsZe_aG0hjbxUTgWTegTV_4X7chdAsnVbasTGGbBzPkRC771JLOTz2EXb_VunHyPy8NGeNspYpL6Uhhg8oDjPOXs4jHmlH5EhGXqsXF2yp1U6S05LgMEigc78xEEKalES-m5pzkR6T0tI9rwGq5bUyxz8nA4ezZuTvxgu4xiWJgTGFAPOTbV6N9g60REdK35Ev1tW2NrAGz7APbljiwPb6n1Nah3rFGWiVis2s3YlNIObuUpmFr0NNUJ96JWm3N1PMLW-DabNoYBvxBA7Jnbn2P_VVUC0WNFYPrRjZChkcyf53Aa3yOnsBCkB9pRey_zQ5YQ3W9z1QY32kk1Wi9MUBI20M7FmYfla6CCPco7a5zcIjxuDRR-C6srScI5xAATAPguXU-bJf-2QqkFSG-aWFt0wkiAQGxUm0Fd5fikuXVliVQ-OyGhnXsb-7q5wGy65_HZamsh87J1Cs_NTyan3MgxGjXcho8hOmf_IgcMLQtai8P5EwlBz0mcnm3LJhDx39D31ca5AOGsEBvHx7AR_rciAIpSnDbSL7pF4iE3rW4pxgiXe55scM0D3RRlXm_XPqN22EF5tfnm-oF_mXLdMfwzW6Io_6MSNgXdS86NXVuGT3I_rtshKichQGlV2c2ghjYFJZCNNfmNyqNLWCjgXTBgogxb8VouHyyMKRFBM4_DY7u3_6Vk5vHsyW_4dUexgwqfdU1aDq6g2wFbd9fjDQjpc-HxTWII0fqKoM8UVk_FxTNy1KjNQMhFzqmYrrd3tPbxxRuzWYF_UkDtY2OBE-k3VmndNl8wxV3u0MDagL66rmN4GKlmdVAchL8kWqk9fO7DbU4G2JPEIGMVkJDmXqCx5XQ2tGdcLEonrqIf_sNP-m16fizTrs7xoVb7dCxB_eO9p0l_7T0rYCpx2h6MxNE2cL_H4fQwFTKy6vSz0-pUADjsV5e6K88qb0wimHEucUgjFP6ArniUVrtQNBE3gJVrACHuatyLenNDZyWaNhdr8jkqQc6wiZqbJMX5yZ8&cid=CAASEuRo3eQvJbY9DrDl07oJxRHEbQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-102.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bde46880a61444df13c38484e4b3e4dc7fd34380d4577a0c453e6776539873ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 08:37:50 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 11:57:47 GMT
server
AmazonS3
age
72429
etag
W/"58b75371da64ed4121844da59ed40c9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
G5eb3J17ELU3X0iqcKh0eW_Vjz-01gV9uRZGonxTZSvWEzfx_v35GA==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9061 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CLokEcQFhCwYOg4OZ9Ght8f-IPxoqr8fYgm1rVrtVJeQ2AIvnSEo2InGYCIiOJfuCY6lDVBKB008h8Ikfvkd6YuXJMYAOMyj8EBVwEGG2g6ecKlaCY5rYeFHLvzZczDMbPFFTIb7JhEeGTbF3kqsST2MMufw&dbm_d=AKAmf-Agf5uJlEONcEh9NZYMqgPlim5o6yDZ3XuDCB5eK6WTGZ3CgQjSwwcWiyeeLcgEqObKEDE3xrIv_SuaK2M4fG2kJOyEZAOlGeiyMg9oYYxg-szCATjlk4Z_iBrJvDqD9CCCWy8m6_DfRuEzRGJNxs8F6uXaSTxzGc-_RZbp3Z6NPOCtwmaZX_QjQDYN2xlVifWyx5_zb5CfPckYPrRCkLuX11OX229y-7uRtfDO3WO1l-EoFSXGGbnqBk5twc04Cslhe3Q7wTbUEs_982Fd2NqciAAzi4ItKEHyxxFBojDnKH6nApnARV1m_EcbroLkNDliF9C68mLIpwlqh7WOUO4z4M06l1HddD8t2Ay8OO3hV31LWfW9HNDapVxCeJdZAxUSJ3SpO3r5wD6SnCCa7yDxWN2OeAnM7jIzWq-Hv619lhcgotYOwR-9yoiNxCICmO28L39NiE05G__lEwsjbCa2Y-TjvRiuAFkxQmC2UE68OqLjiuJU7WwHNFAZdFekoTWL026isKaL1i1aNGandCnqgtf1ErCgCNQMh-0RLmLrX_z3fGHD0s-L6cfHxMqsdwOMUpyoVhCntfJpPDPaSMdunPETlCVaMRMpOkWswa7czBojk-6sWIxNqIPNyQi21ZpfD3qCR6OruYWu95zrFq-wr4IpeGzoPRkdJwc4V8YZW6NBTOueJglu_th5ZW9EHJrD1jrCdfghC7rjl8GDy6mIdwgjEPZWToGiQ32s08TZyviXVMLawosiZv42gFbFw61F1PMF7WHVsCeyAq4iUDKRSLL3ggLdIueAhKUjsa-OO3A_KgGqVY9O3214Px9VptM7j_GsXxE8qW4qiyRMiDjiVKnOZuEQKYQ0LWBogHdh-DGxStIMsZEgDbsddisSFDLOdQmmxRwezpcQGkEvLqAK9iPQ_0nL0gHo7745L0QqN-iw0FDhR0f5sVYRlT9eTOMG30Ew4jrEM8DNeu3d_Ld88Ktw4voUO6SC2eUqJ-K9pJ8qWEZww0ov1D6MiS3eWn2Vbkw75cr2R71woNnxhS6n83AE3TUDBzpshlbJ7pHrG_6FMBXNWWC9I0LWfuU5rJxBvyt7qlsJzy2N1-cFZ4OJ93rZplIO4E7NMSkCoffvTDHWKlzPmG1VTLlYagziFPX8kxrreE_Ju7JMoN9TsMh2aoUnZ7HrXYcqSVb966FULJSs-bcdYivz6ibMJ5LMpA6MbfjFVj5bfJubhaJlsOAUuDbzrnp0lLHslBe7FPyE4gGo6rSYBZEC1091gVhL6rdZ0A1IDbo2yy7qu12OzIRR5jbNXzJe4ACfNFZnE9CoTnMl3FDuDSenT5IREAsecTLC6CTak2kna67_xEeHRAlNqW3J7ftckc2JNdM8aM6vEUhAkK9wuLuhoQGkqCLoXSemtbxlu1a3zNnjSK8NTLmNkgLMbSh1eydLyGy_UaB6WGBTiKb_gYKvTiZqrzu-UNB4hmNfSbYLRPW4VF52-l3mJPNHrmknDwyFQtrcjCEx0n3gkrJMrCgdjtGXdSNA6Cp6PXrhm8FpMw0HSpN2_befACJtgspiduHZqjpj0qJhMUC87-iMl6aZrmurMilPvM-N_OQSjN8595uGAi9eJ3wi8EZK923F62ybsEONoGaMkhFeKPEJ892cDYWSSEl9UMNeBVyDFHfHcDfkgq-4lptUzMpFMkFxrX2UuSCZD5DtGg4ezDqVJYqEZ07fgcf0nRzI5upJ6a1uO3NSeFDap_QcTZJ7vjH4jUKtxhg5aoBLIbke5LHRC2f-vx_JMcWQ1Lk2G93VA8k0HnTa2ly0Q4o2c334T-BSwCDSJBGzzRKNXgsBDxDbjZEaSxP83jj6fbFHHHcdPo9OPrgl9d9CFr2j2d1CUj_R7DjBLOAwRTRa5xvFi0d75FbxOZl2oqXFRsdjJuw1WO5FqvcMEbTdBqU9YFy4vazfijTJXme0P6A23thzQrkHnFbpr7vDYHa_HCkyIYA1bm0prTDpROJ6yKjF5F2gdzmyWQfipUomVWgYMpGkGENv2Fc_am40VNhO10OLUijpg830d70e6_uJs8HfFwBesa9Yd3Qqkis-Pu5CU-x5MVw1D8FmTwqhbNHFLhKUEIZeZC0Fpbr6B4vQKXgmQ_9XjNZoxnjO8EsC8-BRyn9EYI5U4z0Bi9W2d0pi9xh4tihFTSygNPnNJVtwfk8zZ9zhCbzHTyWFYyBf-V0xfdS1BVErGYE7W6G92vH7EjWGIK-DNhYX0FKiU5asEJTSToqCFuywyRu122cH-J-ShEmpNWPq03JDng7iHBAtJZzkD4a8O6cnhLUj-WSHiKqS56b1-D4gSQs61h0YQOzz-CqZSxoOxSjwo-lh6iXX0mMWcJHWGPTv7CjUJ_Hctg1A4nrstcsLs-2wPyfe15E4geFWtkTWiukVJ7wEB40OQmiqSfHt7N08B6B8TarmlLAkCKCUmfgTYmLbehRqfp0sCMhDJYrPNCiB0PLoSPx2s3sR6B8DB2-Nl1slm_Nbs0IEUEUR28_7S13MnsbYUI6glrA2SMlzR6zEUuVKgWq4zQqVq8XXtFsZe_aG0hjbxUTgWTegTV_4X7chdAsnVbasTGGbBzPkRC771JLOTz2EXb_VunHyPy8NGeNspYpL6Uhhg8oDjPOXs4jHmlH5EhGXqsXF2yp1U6S05LgMEigc78xEEKalES-m5pzkR6T0tI9rwGq5bUyxz8nA4ezZuTvxgu4xiWJgTGFAPOTbV6N9g60REdK35Ev1tW2NrAGz7APbljiwPb6n1Nah3rFGWiVis2s3YlNIObuUpmFr0NNUJ96JWm3N1PMLW-DabNoYBvxBA7Jnbn2P_VVUC0WNFYPrRjZChkcyf53Aa3yOnsBCkB9pRey_zQ5YQ3W9z1QY32kk1Wi9MUBI20M7FmYfla6CCPco7a5zcIjxuDRR-C6srScI5xAATAPguXU-bJf-2QqkFSG-aWFt0wkiAQGxUm0Fd5fikuXVliVQ-OyGhnXsb-7q5wGy65_HZamsh87J1Cs_NTyan3MgxGjXcho8hOmf_IgcMLQtai8P5EwlBz0mcnm3LJhDx39D31ca5AOGsEBvHx7AR_rciAIpSnDbSL7pF4iE3rW4pxgiXe55scM0D3RRlXm_XPqN22EF5tfnm-oF_mXLdMfwzW6Io_6MSNgXdS86NXVuGT3I_rtshKichQGlV2c2ghjYFJZCNNfmNyqNLWCjgXTBgogxb8VouHyyMKRFBM4_DY7u3_6Vk5vHsyW_4dUexgwqfdU1aDq6g2wFbd9fjDQjpc-HxTWII0fqKoM8UVk_FxTNy1KjNQMhFzqmYrrd3tPbxxRuzWYF_UkDtY2OBE-k3VmndNl8wxV3u0MDagL66rmN4GKlmdVAchL8kWqk9fO7DbU4G2JPEIGMVkJDmXqCx5XQ2tGdcLEonrqIf_sNP-m16fizTrs7xoVb7dCxB_eO9p0l_7T0rYCpx2h6MxNE2cL_H4fQwFTKy6vSz0-pUADjsV5e6K88qb0wimHEucUgjFP6ArniUVrtQNBE3gJVrACHuatyLenNDZyWaNhdr8jkqQc6wiZqbJMX5yZ8&cid=CAASEuRo3eQvJbY9DrDl07oJxRHEbQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 09:42:41 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1298 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 05:49:43 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
82516
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
UlhLTEGoBUW_gRWdHy0TVINj5YTsKioDjzGy_dXSOa_4FYthjMbe4Q==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 3CC6 		636 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"601b131c-27c"
expires
Fri, 23 Jul 2027 04:44:57 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 5665 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANqxpiOEYKmjGHUN
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:58 GMT
Etag
e05ea246dc0385c9
Server
VertaMedia 1.0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 00C3 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
964615479bf7eb8601c8fc6438d983091f53b0d99e0e087941c46074e8631df8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10767
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 1135 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 6256 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 05:49:43 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
82516
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
woL0fTDeNz-OMS4xf_GoGimKePH8iAH7W41MlaK7pRIEFOiH8Dpwjg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 1B06 		636 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Sun, 24 Jul 2022 04:44:57 GMT
etag
W/"601b131c-27c"
expires
Fri, 23 Jul 2027 04:44:57 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame F4B2 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANqxpiOEYKmjGHUN
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Sun, 24 Jul 2022 04:44:58 GMT
Etag
e05ea246dc0385c9
Server
VertaMedia 1.0
/
fw.adsafeprotected.com/rjss/servedby.flashtalking.com/1095264/64280668/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/ Frame 9061 		228 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/servedby.flashtalking.com/1095264/64280668/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306&adsafe_preview=${IS_PREVIEW}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.32.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-32-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a6277d13398b9f4a1b0d01ebbc8a63ef62ccce0862b48cd7cff322c2e93e818f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
GS.d
js.cookieless-data.com/ Frame 3CC6 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658637898140
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
GS.d
js.cookieless-data.com/ Frame 1B06 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658637898152
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 5D61 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5D61 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 51C0 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637898053&bpp=6&bdt=87&idt=110&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4811561033844&frm=8&ife=1&pv=2&ga_vid=914494604.1658637898&ga_sid=1658637898&ga_hid=142395123&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2335508554&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44763505&oid=2&pvsid=4049507553015328&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.ra71s6cb2tuj&fsb=1&dtd=122
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 00C3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B1AA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
261215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 04:11:23 GMT
expires
Fri, 21 Jul 2023 04:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
logcz.aspx
ads.go2net.com.ua/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 24 Jul 2022 04:44:58 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
6590145384951130631
tpc.googlesyndication.com/simgad/ Frame A951 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6590145384951130631?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkcqSfsLsFaAe86oZsKiWNlVWetKw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a927b814339934f4cc07b7db14e4c2b50063a92214a1b8ce64b2562b85e7d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:09:25 GMT
x-content-type-options
nosniff
age
207333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29753
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 16:16:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Jul 2023 19:09:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame A951 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 03:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 03:33:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A951 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:16:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A951 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A951 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:08:38 GMT
l
www.google.com/ads/measurement/ Frame A951 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRHMXGwGYsKQFyGP2ScMavrBiP6LR1OwGov2-F-SSJLABCPQ9c0-FFdKMWBeBtQvRd0ur7b2BKcMWBPMrBzU7oU7KOoA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame A951 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f4cec16cd84d3ba943306792a8a1b09e9881c1f23110fa652e1a65e0992da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 22:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12688
x-xss-protection
0
server
cafe
etag
6873948312887217847
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Aug 2022 22:39:52 GMT
6590145384951130631
tpc.googlesyndication.com/simgad/ Frame 5883 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6590145384951130631?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkcqSfsLsFaAe86oZsKiWNlVWetKw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a927b814339934f4cc07b7db14e4c2b50063a92214a1b8ce64b2562b85e7d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 19:09:25 GMT
x-content-type-options
nosniff
age
207333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29753
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 16:16:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Jul 2023 19:09:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 5883 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 03:33:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 03:33:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 5883 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:16:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5883 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 5883 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 04:08:38 GMT
l
www.google.com/ads/measurement/ Frame 5883 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHKxBQLIoVgM3ZXe1IL5oZKIA89UaTsHXu3E7T_BOhtTQgIitmEs9viNxL3-lMYLrhC4b_Zzkysz1tBw_K5fccdKi01Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 5883 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f4cec16cd84d3ba943306792a8a1b09e9881c1f23110fa652e1a65e0992da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 22:39:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21906
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12688
x-xss-protection
0
server
cafe
etag
6873948312887217847
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Aug 2022 22:39:52 GMT
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame B1AA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5EC5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:39:00 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4557 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:39:00 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5EC5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:44:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4557
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 04:44:58 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
/
servedby.flashtalking.com/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/ Frame 9061
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1095264/64280668/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&f...
  • https://servedby.flashtalking.com/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=...
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
HTTP/1.1
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app38.lhr11 /
Resource Hash
19179e1a21673cbafe072b392a9e63db4fd03b454ad484183b61522e58fa9029

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
prod-xre-app38.lhr11
X-HW
1658637898.dop059.lo4.t,1658637898.cds011.lo4.shn,1658637898.dop059.lo4.t,1658637898.cds258.lo4.sc,1658637898.cds258.lo4.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1476
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://servedby.flashtalking.com/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 825D 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
5947825
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
DUS51-P1
content-type
application/javascript
x-amz-cf-id
uJKLII1XjoOchh6_cQ6OIHlfKBsOmSnE8Z-EUN6_qxXWgH00FUXoEw==
ptrack
a.audrte.com/ Frame 1298 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.107&p=M1353665098&artime=2022-07-24T04:44:58.564Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f430ba97631fa44ee9b7b51d119d57d584de986257c84aa097c87fae81336f09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1298 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 23 Jul 2022 10:05:00 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
67199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
jt8pTB1gUR31Zvv9Jfp262DBmEKGJkDkl_OU1GwcXzb5NAoCTZBcnQ==
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYXQj,pingTime:-2,time:147,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:979,beZ:980,mfA:982,cmA:983,inA:983,inZ:987,prA:987,prZ:1013,si:1017,poA:1018,poZ:1037,cmZ:1037,mfZ:1037,loA:1097,loZ:1100,ltA:1125,ltZ:1125%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:147,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B141~1%5D,as:%5B141~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:107,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7A86 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 23:29:37 GMT
expires
Sun, 23 Jul 2023 23:29:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E529 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e29abd7a308fa90b7e627ccae0c3a4695241897e7ab0a9cb71de1da94703e80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oeVnl9BSBA0jDPEjcvDEuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-oeVnl9BSBA0jDPEjcvDEuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F39 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 23:29:37 GMT
expires
Sun, 23 Jul 2023 23:29:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0C38 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b1c2e085d33e1a7e36b84b919640123ea5a409ba2435ccce5f6f42875eaa037d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0cZ4xQWZeeCiwp7aqTKfHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0cZ4xQWZeeCiwp7aqTKfHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5D61 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7f57e73dc706cf90f567c2a859529719d5a0fdbd7285a2248f2958b9df37a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10803
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A470 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220721&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a60deb6fc2c67e117b422b15354d45ffee977df4be2c6ccb88bfec48b8066c01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10902
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame A470 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_91722525464651520&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F4dc98c99-0cb3-462e-95f8-eee568b84a34%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Daade5f05861219fcbe6685013d1dfd54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
data
bcp.crwdcntrl.net/6/ Frame 1298 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.15.12
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame B2D0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897680&bpp=12&bdt=151&idt=232&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&correlator=6525449284628&frm=22&ife=1&pv=2&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.gk11at6w9ueq&fsb=1&xpc=oA9fx8MVij&p=https%3A//file.adpartner.pro&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
truncated
/ Frame A951 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1516a519cc9ef0a478c5b7a8d02be31ab28a22e99719113b3181923f88ee1f70

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5883 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e00578f0fb82923000878d8cf4ca887e505221fa9feaf66ae03644f28bd9fa26

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 8509 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_91722525464651520%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F4dc98c99-0cb3-462e-95f8-eee568b84a34%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4NjM3ODk2LCJzaG93X2lkIjoiNGRjOThjOTktMGNiMy00NjJlLTk1ZjgtZWVlNTY4Yjg0YTM0IiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZDVlNTE5N2MtN2ExZS00YTc4LTlkYTEtNDg2M2FmM2I0ZDlkIiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253Daade5f05861219fcbe6685013d1dfd54&wgl=1&dt=1658637897707&bpp=2&bdt=178&idt=237&shv=r20220721&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=6525449284628&frm=22&ife=1&pv=1&ga_vid=1498370608.1658637898&ga_sid=1658637898&ga_hid=763832406&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=912867297&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763505%2C31062930&oid=2&pvsid=3581320966944015&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.u4gh3v3o8wma&fsb=1&xpc=OhaWlbn4un&p=https%3A//file.adpartner.pro&dtd=242
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5D61 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B1AA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrLi6Sc7cYrDtPKLR7_UP8uOCmAEAAAAAOAHgBAI&bg=!1Nel15PNAAacadVKvGk7ACkAdvg8WptAMBjBRE7OfKjU9-nZlXICkz9mPbRGECp8NMTqbfBZ3tivCAIAAAEvUgAAAAFoAQcKAIOVj-3uBWlAAbi8CGOeXMwZOIGNpF4PXuVn_hhEMQe0AQa0OMIkHn0mXZ0-i3ZIyIP2QNc06nFn4V1UpZygSEQrHTKBN8ciyD_Z-4gNGYtxNw-_AxjRDkLM1pIiri4HBnW1mphg8-gonMmPVeEx4AGzaZPyWpyVj8rw4mKdWqS3QQB9TZkC2kv4taEcb_kGHvUTrteKhyvtQvtApYsJzDNHayejuyhEsIYHuOioJr8qu86BUm7sF8lGQrQ6d_uMtZHjq3YX4p8JhmcnDi-hSLg2phbm5vfxl0NjIMZgZcIDYkMA8cW7TCmpBkoAZWWhE6ho_biLCaXjfEURcI1C2Ry-gKPXshDsQ0f_XF8ymiBrd4asIMicaPzhwVPt1p_aCi0CP5oQ0pY9z5g1M3TeN4hlu3ahsFyPmIbwRKswi-uVuY-ut797hQ9RBWN-urxEQEkdzg1WszUEWtr59PlLq1Hpsvhsmmx5lc1ggsFoVeg_8cRMCLL7lOrvlSopaqxERMy6-gBJWekF950NL3tVUiCSwRBFBKhxAdVvAHEFbsGCouquXAVNy_PWicyyDAfEC7Ua2jfp0C3Mh3Q5x-y8OXegh93vWSTVlppWKexYQZ1I86dyt2J0ak-DwJr2hH7VSACso9-FTw0DZl-pPU8oJPzY8ZtAHh5igOFTmBx6VtpH3vppSxQWjw8xxpH9SFuQViuJOvGz21DrF_wM20XhpRliOdb3U750ik7jfaZ-AE87EvgppwQarnproS7YivXIIGivOyO-diJluU1rh6_cxf8pntgN-p52Yx1V3wQ33yCDH0m0w8GiqJ0M7lJi7wekM3fB7gDx_UgPWZhN9NCKT-u4nN4WgbvLGWd-Tvvb1LeEcggAVa0VgxEHGrWnCQFJ7T9bjQlD_tjh4k0SmGO5b1D3fwkCvs6r5w_wy3QfQsiiOJZXiOrxXj7wuhleCSkktrx7fOgxBrm810kzpjOert1vL29DUqZjNBdCW_H-Oed7RbzDtJMmOzlSBhkK6xWJkBb3eibbuWY4YthkSghGipg-XVdQRQff8OpIUkcaNp2UFkN1bTVB_SR_ot5L1ibF05g9P52YTkDlcg5wOnh8-8bjbMRRoiIzf9uY2p_tJwV47kPyI8SRBjpG66dxoGdLy9Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
a.audrte.com/ Frame 1298
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7250623845282102256
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 1298
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 1298 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ptrack
a.audrte.com/ Frame 6256 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.107&p=M1353665098&artime=2022-07-24T04:44:58.699Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
52e1b59467c38275e8528ce053be985ed7d5bf29b21bd4e4db70ac7f72f8a1a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 6256 		155 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 23 Jul 2022 10:05:00 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
67199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
6RJdVgIfRmfySzxK-qbGh4f18qLTFBjCSmkhI530-LJABtY96MoIlQ==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A470 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 04:44:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E529 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=571492599743351&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C38 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=2285910530696082&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 7A86 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 5F39 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
data
bcp.crwdcntrl.net/6/ Frame 6256 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.26.10
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
j-6632556-3459938.js
cdn.flashtalking.com/xre/663/6632556/3459938/js/ Frame 9061 		84 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/663/6632556/3459938/js/j-6632556-3459938.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/1095264/64280668/imp/1/171905;6632556;201;js;HPH;HPHGoogleWeightedConversionsStandardBannerDLBD728x90CPMPCCDoBHVDSPLYPROGNiroSG2/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=zdorovia.com.ua&ft_agentEnv=0&ft_referrer=http%3A%2F%2Fzdorovia.com.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=97618.43131579306&adsafe_preview=${IS_PREVIEW}&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D2751417942%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1658637897%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1658637897175%26bpp%3D6%26bdt%3D1056%26idt%3D250%26shv%3Dr20220721%26mjsv%3Dm202207190101%26ptt%3D9%26saldr%3Daa%26correlator%3D8688755512937%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D1471403332.1658637896%26ga_sid%3D1658637896%26ga_hid%3D467089946%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44763505%252C44761793%252C44764001%252C31067825%252C31064019%26oid%3D2%26pvsid%3D571492599743351%26tmod%3D703096804%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.nqlvn7t9jq4j%26fsb%3D1%26dtd%3D265&adsafe_type=d&adsafe_jsinfo=,id:5a5667f5-80d3-4de5-9e07-ee89bdaccea8,c:jfYXOx,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-69659766b-9mgqg,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,nbld:0,mtim:3,mot:0,app:0,maw:0,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:38,oid:5ee5fdb3-0b0b-11ed-bd74-8ef38aebc4bf,v:19.8.327,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
98c90495a3546a4571818cdc6b1d499d334dba910f9b5e355127fa35f3858f52

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jul 2022 16:13:51 GMT
Server
Flashtalking (AKA)
ETag
W/"7ad4f42df42e83286ba972914fc8df6c"
Vary
Accept-Encoding
X-Varnish
1033608757
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
20755
Expires
Sun, 24 Jul 2022 05:04:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4482 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 23:29:37 GMT
expires
Sun, 23 Jul 2023 23:29:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1201 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dcbba3268cddc640779c17d22508771332e21bc4b2376a7ce88dc95d64b266c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KIswt3dG2SewB-u-4q2_pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-KIswt3dG2SewB-u-4q2_pA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 85B4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18921
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 23:29:37 GMT
expires
Sun, 23 Jul 2023 23:29:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CBE6 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ce1838f5b2b77392d7a94d2adebe366dfdf9c348e02b8894e9d286ab0f79020d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YgiSrrEm1C-JqUEyEIxwcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-YgiSrrEm1C-JqUEyEIxwcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 04:44:58 GMT
expires
Sun, 24 Jul 2022 04:44:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p
a.audrte.com/ Frame 6256
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 6256
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7250623845282102256
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 6256 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ptrack
a.audrte.com/ Frame 1409 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.107&p=M1353665098&artime=2022-07-24T04:44:58.849Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f430ba97631fa44ee9b7b51d119d57d584de986257c84aa097c87fae81336f09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1409 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 23 Jul 2022 10:05:00 GMT
via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
age
67199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
x-amz-cf-id
Qxkqbbk94Ez81WonwbKOQ5IP1HRdtF3xSgA21I59pCL6JAcAIuiXhg==
data
bcp.crwdcntrl.net/6/ Frame 1409 		20 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.48.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-48-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.17.75
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
sodar
pagead2.googlesyndication.com/pagead/ Frame 1201 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=4049507553015328&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CBE6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220721&jk=3581320966944015&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 4482 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
pagead2.googlesyndication.com/bg/ Frame 85B4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 12:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
145820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13883
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Jul 2023 12:14:38 GMT
p
a.audrte.com/ Frame 1409
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7250623845282102256
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 1409
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=&google_gid=CAESEJvJU8T9HicpeuDR-DQouYI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
18.210.31.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-31-151.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 1409 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3i86I5f57Q6THmQzhvZDvG0HQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYXXg,pingTime:-10,time:578,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1658637898997%7C%7C00571b4aef307024dd0fb4d53e21aee3%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C9688bfe4187d9db93d4b544881be3f12%7C%7Cc6be35db8d13b7efd37f4f458e4ac9e5%7C%7Cc45fb1a55dbc2656d5a64bbc0fc73f5c%7C%7C31cc5034cfef01e20aca305c4fc895ed%7C%7Ca69dc8472ced9f3841a783a0e9a40335%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 5F39 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ogypYg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 7A86 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JFNjrg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
cdn.flashtalking.com/142364/3459938/ Frame 87D9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142364/3459938/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/663/6632556/3459938/js/j-6632556-3459938.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
c24d753a6ebfa39bde3fe7a8310dbabb2c8a0c5c1aa31dd9216bbf19afb8c968

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
761
Content-Type
text/html
Date
Sun, 24 Jul 2022 04:44:59 GMT
ETag
W/"4d2626e529ea68b82e00aea5f9817e04"
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Last-Modified
Tue, 25 May 2021 08:43:38 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-Varnish
789997736
B28121574.340331809;dc_pre=CKPSrtbbkPkCFS-I_QcdQ68Faw;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/ Frame 9061
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
  • https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_pre=CKPSrtbbkPkCFS-I_QcdQ68Faw;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_pre=CKPSrtbbkPkCFS-I_QcdQ68Faw;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&950394791
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B28121574.340331809;dc_pre=CKPSrtbbkPkCFS-I_QcdQ68Faw;dc_trk_aid=532086528;dc_trk_cid=174450999;ord=1658637898;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&950394791
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7B76 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
52784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 14:05:15 GMT
etag
48472445140208031
expires
Sun, 24 Jul 2022 14:05:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9061 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c817911e2610a0b53b5da708720886470d4a26cb7afe0fd0e73a75a1fe2a6aa

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
onetag-sys.com/usync/ Frame 4AC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C27E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40777
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 3D3D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:59 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
csync
sync.adtelligent.com/ Frame ABF2 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
43
Content-Type
image/gif
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYY0q,pingTime:-3,time:774,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D,%7Bpiv:0,vs:o,r:r,w:728,h:90,t:765%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:774,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B9~0%5D,as:%5B9~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A37 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=40777
content-encoding
gzip
content-length
5549
content-type
text/html
date
Sun, 24 Jul 2022 04:44:59 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 24 Jul 2022 16:04:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 8AAC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 04:44:59 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 24 Jul 2022 04:44:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame D6D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 4000 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:58 GMT
Server
VertaMedia 1.0
Etag
9e5feeef637c5eaf
Content-Length
43
Content-Type
image/gif
style.css
cdn.flashtalking.com/142364/3459938/ Frame 87D9 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142364/3459938/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459938/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3cf850f22514602ed144862a4da9caed752b580dc542a59943f39286d2cafb6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 25 May 2021 08:43:38 GMT
Server
Flashtalking (AKA)
ETag
W/"c4021c3b539383a40d5e3995fa842519"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
221779166 221808210
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
1831
Expires
Sun, 24 Jul 2022 05:04:59 GMT
TweenMax.min.js
cdn.flashtalking.com/frameworks/js/gsap/latest/ Frame 87D9 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/latest/TweenMax.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459938/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Oct 2019 20:28:46 GMT
Server
Flashtalking (AKA)
ETag
W/"1cdb51ec2f59b803cdcda4ded3c188f8"
Vary
Accept-Encoding
X-Varnish
559813186 549009719
Cache-Control
max-age=71967
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
39762
Expires
Mon, 25 Jul 2022 00:44:26 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 87D9 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459938/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 15:35:29 GMT
Server
Flashtalking (AKA)
ETag
W/"db3a9e799b66fd834e149105a04e7840"
Vary
Accept-Encoding
X-Varnish
1020921218 1014136908
Cache-Control
max-age=71922
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
31158
Expires
Mon, 25 Jul 2022 00:43:41 GMT
jquery-3.3.1.min.js
cdn.flashtalking.com/frameworks/js/jquery/ Frame 87D9 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/jquery/jquery-3.3.1.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459938/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jan 2018 19:55:39 GMT
Server
Flashtalking (AKA)
ETag
W/"a09e13ee94d51c524b7e2a728c7d4039"
Vary
Accept-Encoding
X-Varnish
960925790 959898035
Cache-Control
max-age=72817
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
30351
Expires
Mon, 25 Jul 2022 00:58:36 GMT
main.js
cdn.flashtalking.com/142364/3459938/ Frame 87D9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142364/3459938/main.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459938/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e2658e5ca7730f48183a2e9361428c89bea5ad195145319f6850f4c5b5e0770a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
1042
Last-Modified
Tue, 25 May 2021 08:43:38 GMT
Server
Flashtalking (AKA)
ETag
W/"9e8531efa63753d311beeb5cfc611fe4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
1036689260
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sun, 24 Jul 2022 05:04:59 GMT
generate_204
tpc.googlesyndication.com/ Frame 4482 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fqtv1Q
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 85B4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?z5dd8A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dpixel
cms.quantserve.com/ Frame 7B76 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFOVuccyJGwvLqlAf8OAq0o&google_cver=1&google_push=AehlK4BbpEvIl3OzaJATAeMo2GAKIqzibci6osCn2t6TUNB5Z2TVJdnDSBbBItK04Jv_bAnC1k9iM5UF2QPiLRcy5wKCuidyBw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B76
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEC9p3cehmSl5v7CiVve0trg&google_cver=1&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw&google_hm=Q0FFU0VDOXAzY2VobVNsNX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw&google_hm=Q0FFU0VDOXAzY2VobVNsNXY3Q2lWdmUwdHJn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 04:44:59 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BMTXidEFWojghw2P2NopqmMcxgDsmvS7KsTc7_7OR3SQkrzjeMkMG-ArUg4AAkGZv_EHU3sM1IMYZi88JtaFXMLSzxzgw&google_hm=Q0FFU0VDOXAzY2VobVNsNXY3Q2lWdmUwdHJn
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 7B76 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMLR-KNaNopJ9UhZLC_hY0s&google_cver=1&google_push=AehlK4DdP8YYWSGjeDzb3oQB1Uo62-lRIjK8MMLev4gqrSzxx4L8zKqtH5zTVpLZrhpp_lYbB4ZURwkKPbtwvNRol121fZr4nB4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
i4l6naqg1l5q51q1ucvocsabpk4rlb85
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7B76 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOjI0087SCl-fvsP9mO4Ie0&google_cver=1&google_push=AehlK4AdlWjNpCxIngCuNpjiHL-hzN_j1oItS86Uc9U3dMy0BkeRem5Oo2MUtRlJxEoqVIp6jJQZ9jRge5TireEaUkJEreTIQqw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7B76
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELGbxd5w-YA6mtjj-jRMJus&google_cver=1&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZVTZJMU8tMi1CRTVS&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd17TGRmrqAXoonfiG7mEoALsV0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZVTZJMU8tMi1CRTVS&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd17TGRmrqAXoonfiG7mEoALsV0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVZVTZJMU8tMi1CRTVS&google_push=AehlK4Arv2GiLGAovRty7IqQ_w4njQyk2JsGLLI77fBOLEGbpRZWd7GM4dX48o1m5fGvPpBeQd17TGRmrqAXoonfiG7mEoALsV0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7B76
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_hm=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB&google_nid=index&google_push=AehlK4AN_mQRJL-X_KDNUuV_NS3TDTNX2Prmb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_hm=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB&google_nid=index&google_push=AehlK4AN_mQRJL-X_KDNUuV_NS3TDTNX2PrmbkCWTm3lZ0xJg3YwBrnl9Mm_gjeZ1Z6w69WgwQrDOcXqFIPuHT9L1ZVMBRvE3vo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ED30GWqDbzDPRGRzMe%2BA9yBI0wE5TV8vMYYzdObt0usokxXuPcCwUemw7S3c0Yy7zXIwhiiuxNg%2FmVJjJ3y0TzA5VBLXk6KAijscNvwIIsZQ1NJ%2BSmDFGV%2BeGkgCcXUZvS0MhulTTTwa5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK-P5Y13jlH2-jMajLZ91Sw&google_hm=YtzOSCIS9mHvAGg-9CuxjwAAERcAAAAB&google_nid=index&google_push=AehlK4AN_mQRJL-X_KDNUuV_NS3TDTNX2PrmbkCWTm3lZ0xJg3YwBrnl9Mm_gjeZ1Z6w69WgwQrDOcXqFIPuHT9L1ZVMBRvE3vo
cache-control
no-cache
cf-ray
72fa00f6980b71e0-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 7B76 		43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGltOPBjtUVRe5i5bXpN_PU&google_cver=1&google_push=AehlK4DEntJFq6aMzx_aXvqRarE8JGBCISV7h0SNRsN5s6ucwTEqA_evl57UFPCL_-d0QXRuhilPKZ3SsE768EDdZkPOje4VqYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7B76 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvKJy5lJOJLWKyJ6-QZfBWfQcRH3dtjM5KJXnrbKwE0p8Bwm-immP8Pm8WS9E9NBjAyWNh
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1658637897&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658637897175&bpp=6&bdt=1056&idt=250&shv=r20220721&mjsv=m202207190101&ptt=9&saldr=aa&correlator=8688755512937&frm=23&ife=5&pv=2&ga_vid=1471403332.1658637896&ga_sid=1658637896&ga_hid=467089946&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C44761793%2C44764001%2C31067825%2C31064019&oid=2&pvsid=571492599743351&tmod=703096804&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.nqlvn7t9jq4j&fsb=1&dtd=265
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:44:59 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 3D3D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33138
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
usync.js
eus.rubiconproject.com/ Frame 8AAC 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-200-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33138
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sun, 24 Jul 2022 13:57:17 GMT
khaos.jpg
token.rubiconproject.com/ Frame 3D3D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 8AAC 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
sync.php
pixel.rubiconproject.com/exchange/ Frame 3D3D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
manifest.js
cdn.flashtalking.com/142364/3459938/ Frame 87D9 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142364/3459938/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
2a874941fabbe5b9c7f5854d103387cc4c32a06f7e2c7c81444633460eb4259c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
326
Last-Modified
Tue, 25 May 2021 08:43:38 GMT
Server
Flashtalking (AKA)
ETag
W/"b9d470032e1bb45a5113fb31e788ca84"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
359952812 360551393
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sun, 24 Jul 2022 05:04:59 GMT
mv26817354.json
cdn.flashtalking.com/142364/ Frame 87D9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/142364/mv26817354.json?cb=703289524
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0a5484cbe12adb89345de750f3ccf8f79fdd46215fb582482f71bad4cbb75b9d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-meta-creative-id
3459938
Connection
keep-alive
x-amz-meta-creative-library-id
142364
Content-Length
325
Last-Modified
Tue, 08 Feb 2022 11:16:49 GMT
Server
Flashtalking (AKA)
ETag
W/"f4bec526abf0d00b6147dbc4234b967d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
7238584
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
x-amz-meta-ad-type
HTML_onpage
x-amz-meta-version-id
26817354
Accept-Ranges
bytes
Content-Type
application/json
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F1_Img_728x90.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F1_Img_728x90.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
c5f66860cf3401f84e99aed75cebadc62a8dd51a0e4442ae9d13c06633e88e2c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Mon, 24 Jan 2022 17:19:44 GMT
Server
Flashtalking (AKA)
ETag
W/"a304278e0c213c293dddc9ea2a2e7941"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
343522863
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
25250
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F1_Txt_728x90.png
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F1_Txt_728x90.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
600f7813fa24166524142bd0a13be2db64c012c353a274a978e85d43d68f2f29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Mon, 24 Jan 2022 17:19:44 GMT
Server
Flashtalking (AKA)
ETag
W/"c7b2e186e61b6add7bebd5d79dc27725"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
408487838
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4198
Expires
Sun, 24 Jul 2022 05:04:59 GMT
kiaLogo_white.png
cdn.flashtalking.com/142364/3459938/images/ Frame 87D9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/3459938/images/kiaLogo_white.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
56ebfd621741401da5b27289fa3f12f1e6364609466e49989666d355429219d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 25 May 2021 08:43:38 GMT
Server
Flashtalking (AKA)
ETag
W/"5c1f60c2cbaae1fe01a47744d9c57eab"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
58886026 58378293
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1642
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F2_Img_728x90.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F2_Img_728x90.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b3f6e920157c30a004b4c6c840470829214a6d8c5b1e92d2715008362fd44038

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"242e3e8046c44be9991bd00a3b8b9073"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
1004704780
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
31072
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F2_Txt_728x90.png
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F2_Txt_728x90.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
463e754c66aea8720b023ae9cc2065aeb46be40ad8a4376766d10d393fdbe76d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Mon, 24 Jan 2022 17:19:44 GMT
Server
Flashtalking (AKA)
ETag
W/"9e476999571efcf61fca140f3fb7bb93"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
346199297
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4493
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F3_Img_728x90.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F3_Img_728x90.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d887b8ff91f9b74d7b220fbf4091d63d10395dcb3891f2571f03f1ff13493e65

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"a60c0292d60b483d495f79132214d9b2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
1001863485
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
28529
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F3_Txt_728x90.png
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F3_Txt_728x90.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
00bf59f55d43d283ebdb708a1af2f358a0ccff19c0a3bf794f1023503911d241

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"4d93bf0f482a5be7ce5792cbe5c9e8b4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
965865293
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
6339
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F4_Img_728x90.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F4_Img_728x90.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
35e73d4f108582632f411c4f61edfb3fe874dcfa3c18e47f93b94e1712c3925b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"cf8fb5535fcd6388ff6bc6eb555d1efa"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
677535891
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
26206
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_EV6_Silver_DM_F4_Txt_728x90.png
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_EV6_Silver_DM_F4_Txt_728x90.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
600f7813fa24166524142bd0a13be2db64c012c353a274a978e85d43d68f2f29

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"c7b2e186e61b6add7bebd5d79dc27725"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
1001863487
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4198
Expires
Sun, 24 Jul 2022 05:04:59 GMT
Q122_CTA_Square_DM_728x90.png
cdn.flashtalking.com/142364/instantAssets/ Frame 87D9 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/142364/instantAssets/Q122_CTA_Square_DM_728x90.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.108.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-108-56.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
efa16140fcc62094da6354c287e49c888d2dcf1f9fb230872cbae8be3ca57ee9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://cdn.flashtalking.com/142364/3459938/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 04:44:59 GMT
Last-Modified
Tue, 14 Dec 2021 15:10:34 GMT
Server
Flashtalking (AKA)
ETag
W/"246fe1184ef426d61b754b2886eeec0a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
965670055
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
10283
Expires
Sun, 24 Jul 2022 05:04:59 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5883 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpByM2RLWizMh2xKuFe5JZzw5ZZn6Vksz0UuYZI26ODUuwdO_ZyD2Or1-sA-elMEpNfYghUm7-7cYsn94gXuJJCJ6fDkX0INNysmZAjMY9KPUx0L8vrp4to46aKZrwg8Jc39bMm4SCJnF3hebcSfM_7H-xfOYsVATlOFl6IzOw1B0kiszsMVKNvw_OZgmywe5ulI5oBoS4viFsJrdo6VNeibSCesS2IRqZAy9nARn69wGVnlGIkfvL0skVhFXFiRfRCzGT_TxVHQaTZVHTs_tjKlpoDppouxaiFBqMkxIqW1N_Y-bzvqT-4CzlRkLfG4AZbDoAHcXB88XIvz6HogWWK4nWC6JwuijAsZtucor0l-gqHUnrxBjgl7muwflv9puxAQtPnPtKsSvyjronQ1V69cmLmBvLLWQHdxqiLSDh-uuqZvBi573V7uodZ2SsiLmS-RlZCrS6hD2Gpwwr-SUwsbpl0YeDLMlPkXH-weCSncijMrXMFDos7EtT5GczIUBpj3B6laJVKfQabsLpEuiECNxdW5dHXJD59SNQ8k_SOJ86kFFMTNJBq1s21Twz61hFHg5V9A9Wq5cFiUQJcjFf64F_5Q1ar-zHPuAclwb1gk5JEpv_ha_JTXd2xint1vQ3fqQ97vh7n5E-_LiHmkQTaeFKS4XFcy864UNtnZWwo9tCAdaUNwzpiIv6mZDxosJYD1slDqrWW_dCf1rhWPo05wfUDCpPrA51UgDr2a38mBooPGO9XDu9_q08BT8RBYTcza88-RSr6XtlYNFQW7xEJfYL4sC43vSW_qnzoHPsH-jzogjhEyAnj6q0t70j1tw9dhwQD6-ZNyY7ASdBIstsZsFYHJ8NaBNzk3bWIMaTA7_-wHwdXxxVNxMQ33EIIvHO2Z74J1zWGWwp3TQIb6ZkJk3wrFEdC7lAgCZ9alW9zbXp0qPb09WwfD0qstP5EK741kiVOoWvDVT-4VCWydHIVb5mN0Nra6LhdWBGKG3qwIx6DM25YVYuC4YeKjUr0LnXn5HaiW8uzp4sPJzhu_kGirk4JKHQ4LMOEeMTKWnkgV-2h2UiuK1NP5ZcywCNuRl4k5cF2Kz9p-ZLcUczZgapRdlgucOcTUWlmMjLjDrB8-MXtZLItlzZ3rP6T7-pC37VslRkRbH7ZOF9PNJ1vhf4LIOfKdnmf3OGivbIsBbtgZabB2uLvIZfygKQjjf1atR6VKGsdqKUzAl7A1QCU5e1RIALJDmeJaL31MQgyVWYuv0owRgSfO7aV8tjquq3_ob-qSt8hwFvbREzp55yQSMBKDNp4ZALuxRx1af9suslbTobzfl4gPznC1H7fB5K_5iJXbah&sai=AMfl-YTEmeuX3GzfLZRAz2V-rNw4s3tqgc6PQG8KrKqBXPxZmqz0DjSs0UjT25Zpzeuy-9iY-PF5_fT8wubWkj15npSk8TX_3OjDaKzsP7V28imyB1FLdTQS&sig=Cg0ArKJSzHyWsmgBIXzaEAE&cid=CAASF-Ro_eLTMz_IBnDr9taq00T75XxXoMgi&id=lidar2&mcvt=1016&p=0,0,600,160&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1658637897950&rpt=582&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A951 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD6wyDVYS803cLD3RUfX2vjFW4C-Y5YolZO2GFPPCmThv6T81Yt68XMFIglOfVvaLqZte0L8b6llaqgIGy8JyJvnm-iOsOhXiWxfNm8bdsDgy5SIQAJNah4QVeVCP3rdWnmdvpTnzz-LYf8xG3N9WePQbn1-SknNvd3Voy_1UUA0ic73tZyHNVJq_stP0F6Eqx5wKoiJ3PDCuFTPO2R76B92toAJ_h4NpriEAAejmj8-7V_A-4CpYz8gcY4QqjPqr47tpXOFTRZAz8i1neYD6njdciQsAelx9zvpp46OF7fmuXVZ0kI_TQXupdSkyJQzyGFDeyrfAhUFku8H1fUQtv9Td-OmMngF43qomYQ9DwqzraygTEuA54hG7KJWlCCL_zuEPmh-SFNe-NNjk1eg9Gu6JImaxGzsHm9Ulbah3f39PgkW2DncxgiZH_yweUj9u6y6SyZ1WCBQzYtbcRc0eIvvvOethmk6V7NDbAyqAF55GL-SlcHkMPkn8_ucai5TFJ1EaCOv8S91F3H1ziGcRONyLXYqu3RtC-QgE_pMgc-JAVtfcMDcnWQKfK81ZjvZLb2Tt9DVqB6VnpEZTiOeIECbiRNiWyDp5zln4BNcnuUVZ8PkpWHxD2GpMfdphrjW1VdA9wv22G1ZW33dOrapHTl32irahCM3tOlb1RsdbSraWk2Lt7OfUQky1nEpZhD9EqgH0rdzzPWLYSp42vDJpw_O0b3gtNknp0B8pb0gOcJIk02dFV1VY_rILx1XBA0kpVFp51OynxbrhTOOtWEHqCmXjg3Yn3DtrEk_biZfTcq3iBX16M_hgUKf1zWrcESP6a6nQFM9usDBc_1jEw5WVHJE3Ljh7wapt4AODu_uhQeV1h4PXdTK8ZGg2b0NNr_hDrwKAhb5vGm4xRrSYoyGkKaZt83iPDVznUuw0bUCtBPdj41LmYild7ub2flpnxY2VojKac8XHVn-9GXTYxNk9KEvBxQlifDJNdM8wgUDXlikn7hS1Oy5qC275ELL-6219hv37i__MF3noyf-9wpT1DNoVpYLHdbABUCRL5EE9lHN0DFwjyyHm8FrQPC_vZXFyCPWw13c8Jl_o-vmdu6Fcz1sfRHJGaOTBVxnpRZ5YH1DhZKBlNnnD6EdzGl97jij2AtsfHa4sQX0qwwx7b6ebZGlCCwsZgZ5ovLYGz-X6iuVe5smti17YxOn-JzcFTSFtWN4J3jsCBISTs-Vu3AlG-rj2qLcOangq8OIWXoV7excPfxScLE_8oAUo2CYJ0rLn5hegTub1p5euGB5W4J90yhmnQ_EiAH-KRcto1YAsEEjcHHIpxNfzxVH7O6Q9UKzgxS_Q&sai=AMfl-YTGjqsjbyAc-T1EpVE9U5tO-Dn_iJf8IrhJtIMp-3datGaFp9uZBmxY78toriyCQV0GcHLk2Jsd3BPwtgCJDPLianpOQMTXt4uoaBpNUfY8eTqvUCAz&sig=Cg0ArKJSzO2FFFJnvShKEAE&cid=CAASF-RoziAQbamWGQscFJGM8EcsDRS3KH6S&id=lidar2&mcvt=1020&p=0,0,600,160&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&rst=1658637897929&rpt=589&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:44:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1E3A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=571492599743351&bg=!6-il6KzNAAacadVKvGk7ACkAdvg8Wjb52wyUfPYMVHSSBGip3Ujij_3aAL733D4GL-0PEtCqZKhAOAIAAAEVUgAAAANoAQcKAMs_q9PY0x7JPMKBU7avGsGkarDkV5xtP11iV5zo_FnnFFaHY2fgkya2awZ56SUowmcFLRydEoDoG2NYpmf3n4ZDa3K9AecTFnlnE_ylauJFrsAZwmXC0Lua9i8sVb1J7PG8HBPvLpEUlBidfseJPx5aGYPrcZgFtHvkYZHG6AFJVM9yWpkPui_wJ261HQjPy01Li9ZizHcOVXKZmxxf7Of14gDybcOBARzsqQ_VZPIfXCJSVkRqeMhSG0tDyyM6PnK5QVlNCl6GGnT5WZkCucnnmJ0oGhBP6myBd6SmdMlhzWjmhDkzP1FDvDOsDrdTuGUJ8i4KbIL7Q4Fz3GHSjHD34TK66GVxQzEy07Z96qhTXc3zVwlI4j48GhaOJrNAv1UuMCqr3LB7Sy9bWyao2z-uPETYxIcqfnRxVMEgsQNL-eprnzKW_jLSnayEchdlKUZM0jSLhb8-6dzDzOGsEguaapRYJ-siG4o1JRGEnlsmGYLD68bpVp6JQb67giJzGssfL6YcgP8p8A19aULlPk4EL0Lio1MEEvuZcILr9m5hF61sTeAyj6Qdhl_jIBkodL5N2e2Vrh14_Rpw6E5RDnQZiOxny9N41eBD9jlfXSPl8K_AECrk1lNBccECnG_KZmaIt4L2QoAVRp0-TFYr2IbgX7eN64WPZR942A5PwNlMpelgl6DXYLosgUH9kXrI-hKwRVHo62NCUSRX11KmX02vl_6UrrQdny2KHT070z7IESy39yMBr_kJUUepY9Q7TeSgj0O3OZHx9P73iwrsnpkQkeHGcjxn0srr-mZc7FIUq2U7dheDw2aeGjHRvhDCfZdhv_C1kIoYiQPrbEkf8IiKCsnxu_mnqJonlp3Yu_MAnqSlKQQgx_7EfosQ5lk2F39AvbjDSUY2x3eOBkGvcjKrIO_dheCZGY2MS86AGQzAg9M1f0I6Bd-FYPktZAXi2SWiMmBut2Q3IqzvQfVwwVR4edZmgpIQEhxuv7VnZoQSA-35_LqIZEOw3hTx3HLvDhXOIPCJdF9IQWrGWOQVERKMIfS4SXfyJty2hqfTnGc8JiyoZ1QAshaURqQuyp8JCPbOaL22JkLjbXA4iuyO62NDz3IIlPlSh517cGDmiOlheBB5zOLhLAPH96fjpthcDsr4zOeWjGW8-uD2PVinqcSRp3l9plnViYPE6J8Na44uH2oWlDXshRs
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 00C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=2285910530696082&bg=!r6ylrOjNAAacadVKvGk7ACkAdvg8Wu71U2HpfXCBAVw32VuFLAhakU0I_32hO5TKlISyfkSS1p41OgIAAAEAUgAAAAJoAQcKACkh1UkMcNen8AVFvZVJH9GMJuyYrBWXN9xjg-FKXliumD6e4n7jNLaAS5kCzC15ImtlnPfNauFeXO7d713aMARThvIqkSY3U9Ows3fjZB6TnFAe9dnoZrfJGV5hHspsV8kellnhmRhjE1_uj2WVJJsteADcUwdPNzSnnxN9F5o_XHfsmDtJhB1NkSq_ikPmfG8NlbloOQXRcefMMN9yaXNBF0l5FsRMDvl_-KC5YQKdJBSgPIGwiZq2KvVk1z7klcYYooTY3E5iSjRj1eP_dMqcFtlbSdfohVQesJVBVNAjFJS6yh-NZyi1D0kozYLghUwN46y7qAhxc8Zvm3WiBYkzPmHErHlUTnapYr3_0kZFT7sZjhDYtUzAHzztSSoBjddWmx-8lWy2HLqpekDug6M-44B0ONsRokjlHzPH7sqGFqhY_LPJZ0U6MRJdkfG9gA9q0QlHhmTyBQK_e3wUUSHkE9b5VJ4cPmsceNleftA3sMlqiGj_-Bu3s5D7JbSdBm2_8t1RE9GLD7VtvsQWRTtgCpIxTbJeJFhOPEWrmfLTBqhxrWLXd7vK85juxzdupGJQRRmLsmBrIUDMfOaXMGmxG_3r8OLuOd_EJCQSssVqn0Li4y0JVMtkeZXAETw4z9kkTYMlQ91kBDWk1CRB-zAsk4Sm3moLBAZhuYXYKnFEkRBhxpes2k4PXbiOUTUQT6dx9KaSuRvOXMHdKhQUTdHSLYTb5YkoSIqmSsdnUqFcCUHq6i12vqumh0KiTCrYfZCvRgNYOzzSohjtRrFpYj2z6E2l20hm2R-Hczz-J0goh8uIxlE2EW1THP43O0noUeUPmzCXg7L-Du8E2IpqyRhdaWcPJnlFcmiH5fORXcim3DR4g_VU1VFXdAFQskV1IgUl1E-pwz9SKtTud9q5XGfzJWw6ldChDEdduY6CbUoPPWy6qGZFcY5e7dNOl-Jw-B4vIIut0h3plx67PysDmV6bvFWEDEGwVLoopoVz5oT8IxfOnIhlAwTZ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5D61 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=4049507553015328&bg=!xMelx4PNAAacadVKvGk7ACkAdvg8Wuv6JS5pivaLDGAdCvPJv2UH0bOB3IeKiRYdahnJdP2Gy6ZU2wIAAAETUgAAAANoAQeZAs2AjvZqpJiQntSZcZvFExE1NUCVV72fwaaJFQJX26w7-9Xvsn2Bx9e68ja2sQOuQ88EPRa2Y4M5mseL42Be0GrywJWXjg6G2A_E5OdSzzt_OIl-fgHk03cf6B_zGUyVL4Ecc9TMyxDcOlHDhBKD1NRfHnID26PJmY1kVuCrEAyMS3ywoA-iLjE1L5iicbDoN1EaRsfJUSvTXRKAVjAPC_waJlUSHB11q6ju5EzKdoduU7wJ9Gv0UoGBQrq7zOnayBLATGtnxwsSlmNNMu2KK8kb_jyUHslhuoZwiYdZ-Yc-IVBFS-CLREobPS-1NsHfubrbe1aWFGKayPHHxLeEBmRaowWxPlmKARSMTrofTODlXNCTbk6c7fERk9xSfKd-VNOHGMvOZIVpsuzUHbi1-Q_KjQxsI8TLtVw7ajKK5p6Ht9GovRyC_M0J9oX0B42XdJ0Z0dE6wnhKTraLBKU4-OaAKaOgHQBfSKJaHwwqWNosqBBM9YZd7Iqi7ZUrTjKwv2rbxF_OZN7t8c7Zv-dqBg1taI2UQK5CFt4j1ymt7jQjT5IStrEZs_cLSwPekoGjhYHgwCObexw1n9KyQpM055loGzPRWHmguaPt-btEVBXPKBQqNASNQJ68uYlXoiizFBkCVRNHyX-GreLWMQWRKICUNBrGyW2Z2i8GbOad2J3j6dvY0MhVmkggnl2ZY7fzk7i4qLZnq1OuACILcO6YXf1yAgyAyBSF2b4iGIv28Epmi-Iqz91RFDSZUZuWjnoTYUCMrGeDinbCqyFX-vvFbDbnmveXrMbl5lOTWzgaTIjdv-3bnkCiaLhUy6jjH-AFDo3DoL27Ro7TF5rcBHCWcQt5In0knAVJHV9eoErOakEb9eM22BPrGreZEKVJetNV_Thcbf4ZpSRn11LN5MTJE0PemoeYTj88QvNcR_ySrBTY90OFtIsnVV8SZgJ-d9o
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A470 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220721&jk=3581320966944015&bg=!NTalNnLNAAacadVKvGk7ACkAdvg8WmxfOpvKl0Ol97O682vuPcPPl-7mVJifIu8Iyn3n2PTAVEJxpgIAAAESUgAAAANoAQcKAJjtFTOMWf5OAxDjhi295zlgO9uGCmyIsrgRkWItyTdKwy9j5k4jXvy8h7hk1N3OCa2ASEWXV-an7hwX1NWJUPPewSoxceLU5esQVzugVxNbmxfRam6BoDzylVTuq0PAJVsSuSOQVhwHG_BJdJ72EP50Ubxq6Vm5bVXuym6ZOl-ve_zuUPalUTOlvEG-GTQIlzqx81i3dIeqrJkCsaWOSJgXuy3RbBhymeilLB-N0DaorZ6fyqzY18ZYLuErHszqbo3K4MTwjCodWsRyIt0rgxWr7-qgISdZxpKQn810L5pFAiQRsjZ8PkU2QMu00YMqktuYrtNXwWWU3-mFwB5VXzbPhiVq8cjsPIHjn4ewK93-0RYWvUUoTgNK7qy1Z_zcgo08Gyd31xxkIVIgH2v79n7Kclwzm3ZHIk8pkks8NR9SXjpuAkLZxOdv5vbAXl0KadAYIff_ud2r4X9dSh5QAR2PR0HULg8VFqmW_pgqpgCaefuyHf45VzUHTIYCiWTCSXaZja_IzR7USGuJJTP_QUoB3KGSeinQfCNT0ScScJ9yvruTYTA-cHv0iQtLIqVYVztosFt8wWn7VmLb-4w8tAGqiDpXlsdJXYumLI26JdrLe2_H-wIjJQRN4SB_uhscBiV5QyGIT5IR-KAJCl-aTAu4L5yEnmnBA1JCEG6vom9zhJoucqKiOeYn9IikMscvRoNRsBb3tC6KoGxmvd-uJlBF8ecZj6VtqsnFMNMlgWjGVwq8YA-UK3Vy7MeAOwqKB-o6omenUo_1GB01fN86tz5_jGXatOKSZXY_GnoxGefkALiIV07nfotzomrJ7En6c3Bn4ojytKF9JvAKU22bMWv3g-aeDETRFR2-zQZPytL0L6evXGNgoXIRT87DEyuKwB6TkNGaWEWRndsZsaUj6YFN_YJ-U5M14piz-62mCmQUToOo8j5-TwpuCJOcm50zmfRIwfAM3L5C_ITH97iSwnukdDtIA834V_QVOEEoLL8M-ebeO-zEvJXHdabG0TtQQz4HaHe9gbXitdzrKCHa-BoohEugEPu4_VChB3ZzjRezFC_CQN4zgNoYjrXiDKK61GAl7ATOqxaEZAqdyJp4bWf6B6-_2lIYV2eZngSS
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 9061 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVdw2phLMB_TO1CAbCbZFIw8rnIFdng9TFbBG3tDFLuJYp79k1tnMl5Y2cKOWC5F6JHuo0i9n0Fs71KvnGueU5VRbdbFpeU45h2ofPcCuSYFMI2a51w-lQ19xapOsMF9fGCy3yNjQZARm4&sai=AMfl-YTv1flD8ktB1HKnOQ6VYEmVRI7QXywApxQn6iJzhkadRwRdd986ZLpx-o6toJNFScqa6piRbM1A6ld6mf0jGNxN8L9gPXxtAdw&sig=Cg0ArKJSzKr8mN_g7Q-mEAE&cid=CAASEuRo3eQvJbY9DrDl07oJxRHEbQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1658637897441&rpt=1722&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYYgY,time:1800,type:e,im:%7Bpci:%7Btdr:1730%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1800,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1035~0%5D,as:%5B1035~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:139,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:00 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYYyI,pingTime:1,time:2900,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D,%7Bpiv:0,vs:o,r:r,w:728,h:90,t:765%7D,%7Bpiv:100,vs:i,r:,t:1899%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1899,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1134~0,0~100%5D,as:%5B1134~728.90%5D%7D%7D,%7Bsl:i,t:1899,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:01 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYYyI,pingTime:1,time:2900,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D,%7Bpiv:0,vs:o,r:r,w:728,h:90,t:765%7D,%7Bpiv:100,vs:i,r:,t:1899%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1899,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1134~0,0~100%5D,as:%5B1134~728.90%5D%7D%7D,%7Bsl:i,t:1899,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:01 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYZBe,pingTime:5,time:6900,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D,%7Bpiv:0,vs:o,r:r,w:728,h:90,t:765%7D,%7Bpiv:100,vs:i,r:,t:1899%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1899,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1134~0,0~100%5D,as:%5B1134~728.90%5D%7D%7D,%7Bsl:i,t:1899,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:05 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9061 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1095264&asId=5a5667f5-80d3-4de5-9e07-ee89bdaccea8&tv=%7Bc:jfYZBe,pingTime:5,time:6900,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:37%7D,%7Bpiv:0,vs:o,r:r,w:728,h:90,t:765%7D,%7Bpiv:100,vs:i,r:,t:1899%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1899,n:765,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:37,wc:0.0.1600.1200,bkn:%7Bpiv:%5B759~1%5D,as:%5B759~na.na%5D%7D%7D,%7Bsl:o,t:765,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1134~0,0~100%5D,as:%5B1134~728.90%5D%7D%7D,%7Bsl:i,t:1899,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:bf,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:113,fm:tctBAA4+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C183%7C184%7C185%7C186%7C187%7C1911%7C192%7C193%7C194%7C1951%7C1952%7C1953%7C1954%7C1955%7C1956%7C1957%7C196%7C197%7C198%7C1a%7C1b1%7C1b2%7C1c1%7C1c2*.1095264-64280668%7C1c21%7C1c221%7C1d%7C1e1%7C1e2%7C1e31%7C1e4%7C1e5%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i31%7C1i4%7C1i5%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1l1%7C1l2%7C1l3%7C1l4%7C1l51%7C1l52%7C1l53%7C1l54%7C1l55%7C1l56%7C1l57%7C1l6%7C1l71%7C1l8%7C1m11%7C1m21%7C1n%7C1o,idMap:1c2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:698a:3145:8fbd:bb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 04:45:05 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tt
a4p.adpartner.pro/ Frame 384A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=1&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.33768884185370895
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:45:06 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 3EDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=2&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:45:07 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame E348 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=d5e5197c-7a1e-4a78-9da1-4863af3b4d9d&session_pageview=3&session_id=b5c26b79-6494-44ef-b0ad-711474e61ec4&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 24 Jul 2022 04:45:07 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adx.com.ru
URL
https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62dcce4905f7084a09b3294d&uid=62dcce4905f7084a09b3294d

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hb_dmx_res object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding function| html2canvas function| _open object| banner1550_91722525464651520 object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ap_br_img number| k object| googletag

113 Cookies

Domain/Path Name / Value
.admixer.net/gadx Name: am-uid
Value: 94a029d7ab1d42a7acadae103c5845e7
.admixer.net/bs Name: am-uid
Value: 94a029d7ab1d42a7acadae103c5845e7
.zdorovia.com.ua/ Name: ngTrackID
Value: a65382899134a019db13c35bbff43518
.zdorovia.com.ua/ Name: PHPSESSID
Value: 2finmn3hcs6n9h1k4bf7o5bni2
zdorovia.com.ua/ Name: b
Value: b
zdorovia.com.ua/ Name:
Value: store.test
.youtube.com/ Name: YSC
Value: Oww5rw9woCo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: YOYvav3P3TA
.zdorovia.com.ua/ Name: __utma
Value: 148597372.1471403332.1658637896.1658637896.1658637896.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1658637896.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1658637896
zdorovia.com.ua/ Name: session_id
Value: b5c26b79-6494-44ef-b0ad-711474e61ec4
zdorovia.com.ua/ Name: site_visited
Value: 1658724296.1
.admixer.net/ Name: am-uid
Value: 94a029d7ab1d42a7acadae103c5845e7
.ads.go2net.com.ua/ Name: am-uid
Value: 94a029d7ab1d42a7acadae103c5845e7
a4p.adpartner.pro/ Name: apuid
Value: d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: FTID
Value: 1YtCv72RrAeM1YtCv7002B2K
.yadro.ru/ Name: VID
Value: 0FnBQ20Ns9uM1YtCv8002B3E
ads.us.e-planning.net/ Name: CT
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlX8qkNLdIHy6Wl84sb2Fcl7WYHVx4RKT2uiX94mfGBPfxFSR56ZMH77flHDLI
.e-planning.net/ Name: E
Value: ANqxpiOEYKmjGHUN
.creativecdn.com/ Name: u
Value: cSWu0f4CJ0hjhNIc1hFh
.creativecdn.com/ Name: ts
Value: 1658637896
.adnxs.com/ Name: uuid2
Value: 4796792589496994157
.casalemedia.com/ Name: CMID
Value: YtzOSCIS9mHvAGg.9CuxjwAA
.casalemedia.com/ Name: CMPS
Value: 4375
.casalemedia.com/ Name: CMPRO
Value: 4375
.zeotap.com/ Name: zc
Value: 450af905-f248-4dd7-7dce-ed1d45138a19
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 6c7a823d-44a3-52cd-8828-978feaf459c7
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YtzOSAAIumAFE9sXmm_Hn4M_v8YZq03VDSnurg==
.tapad.com/ Name: TapAd_TS
Value: 1658637896626
.tapad.com/ Name: TapAd_DID
Value: bc1360cc-b5d1-42a8-b6dd-5d360b0335c5
.adfarm1.adition.com/ Name: UserID1
Value: 7123795519236995220
.adx.opera.com/ Name: UID
Value: 5784e6cd09764fb187f1addb38805d43
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.exchange.buzzoola.com/ Name: uuid
Value: 65c1a217-3f82-4d7f-5748-e45f825e1125
.demdex.net/ Name: demdex
Value: 71573886031389824132527754512650670347
.lemmatechnologies.com/ Name: uid
Value: 5df0ab9c-0b0b-11ed-8d99-801844df107c
.weborama.fr/ Name: AFFICHE_W
Value: o4PDUeO-Dp2j27
.dpm.demdex.net/ Name: dpm
Value: 71573886031389824132527754512650670347
.bidswitch.net/ Name: c
Value: 1658637896
.bidswitch.net/ Name: tuuid_lu
Value: 1658637896
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~266s
pa.tns-ua.com/ Name: uid
Value: Z0D330FFFA74452C9B3473970A9754E5
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.tidaltv.com/ Name: tidal_ttid
Value: 4e82e3c8-6a04-4ed2-a31e-85e8f2d0458b
.agkn.com/ Name: ab
Value: 0001%3AmjZgl%2FZD7cdFoQuTHGaYfrK4X7PcXkkk
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NrSwsDK0MAIA2TYaxgkAAAA="
.bidswitch.net/ Name: tuuid
Value: 44329cdd-3c0d-42bd-a5b9-9c10096cfdd7
.krxd.net/ Name: _kuid_
Value: O-cbyen2
.yahoo.com/ Name: A3
Value: d=AQABBEnO3GICEK-TypXk2tdCZosdQVpdQQs&S=AQAAAkb0MNB7g1m4L28EiaVIy8g
zdorovia.com.ua/ Name: lapuid
Value: d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.richaudience.com/ Name: avcid-zeo-uid
Value: 450af905-f248-4dd7-7dce-ed1d45138a19
rtb.com.ru/ Name: as-user
Value: 62dcce4905f7084a09b3294d
.scoota.co/ Name: tuuid
Value: 3b18a1ea-502a-4da7-890d-0fc5e4f5e312
.scoota.co/ Name: c
Value: 1658637897
.scoota.co/ Name: tuuid_lu
Value: 1658637897
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtzOSQAAAX_iYAAK
zdorovia.com.ua/ Name: session_pageview
Value: 1658637897.3
.nrich.ai/ Name: _nauid
Value: c3e395b0-7b66-4318-b749-c0b3f93ccb3e
prodmp.ru/ Name: rai
Value: 266d989672dcdc76ac887c92ec39c681
prodmp.ru/ Name: rai_new
Value: baa17700143241d0f456c2101a8ab02a
.zdorovia.com.ua/ Name: __gads
Value: ID=d90ae4d4263f93d0-2291c6a0d9cd00fe:T=1658637897:RT=1658637897:S=ALNI_MbjH0QuMc2F_WwJnsg5SVGOj7vClw
.openx.net/ Name: i
Value: d3c30de1-c99f-46fb-a8a3-373048a17892|1658637897
.csync.loopme.me/ Name: viewer_token
Value: 850b0236-402c-480c-80a6-b7e63113c58c
.fwmrm.net/ Name: _uid
Value: "eb860_7123795523522027994"
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ae8b713d-cf01-4886-a997-6f5fdbc6da28-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.360yield.com/ Name: tuuid_lu
Value: 1658637897
.360yield.com/ Name: tuuid
Value: e9e5c140-aef9-49a3-a58a-68590f13d646
.adform.net/ Name: C
Value: 1
.zeotap.com/ Name: zsc
Value: %1A-%3D%8E%01A3%EE%8EZRW%60%5C%F4%B2%BC%7B%BFW%1E%3C%B3%21%16%E4Q%14%A2%B8Nr%BD19%2F%11x%AA%C3%FB%84x%60%E5%8C%F5%07%A6%91C%18%05BG%27%83%60%04%BB2U%06%DF%02A%0DS2%B6%3E%EF%A4%DA%D4%FCF%A7%84%A7%18P%BDf%FD%7C%E8%D1fi%17%AA%AE%A1%1F%BF%23%80%26%F7%E7%B0%2Ch%98V%B8%9E4%25b%D6B%5E%1C%04%22%0C%B8%FC%CA%08%EBl%E3%E03-y%98%05%C4%D8%91%EEV%BAu%5C%00%E3%C2%81b%D7%1F%02%27g+%F9W%CB%CA%A4%99%D0%93G%2C%8B%BFC
.adform.net/ Name: uid
Value: 7250623845282102256
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2C$GpLmU^!]tbC8i_jCf!vUN2Q:6#TA/Oyg:xUi/k>@3YMAcqoQ`?%@)uhNE8eoPit>GBTF2teE!>@+ih-:-1(K)7rLo%Xqq%KsBnF:[?@axb)bgmH+Ro1uFK#n#I!n@yN3FR@PsXH%!5y+ijKtVP
.eyeota.net/ Name: SERVERID
Value: 23814~DM
.audrte.com/ Name: arcki2_ddp
Value: CAESEJvJU8T9HicpeuDR-DQouYI!20210804!1658637898113
.console.adtarget.com.tr/ Name: vmuid
Value: f2ac8a999c60a276
.yandex.ru/ Name: yuidss
Value: 1979948941658637898
.yandex.ru/ Name: yandexuid
Value: 1979948941658637898
.audrte.com/ Name: arcki2_adform
Value: 7250623845282102256!20210804!1658637898153
.audrte.com/ Name: arcki2_TTT
Value: 1658637898154!3i86I5f57Q6THmQzhvZDvG0HQ!H4sIAAAAAAAAAB2WW7JrKwhFG7O+rVJExeYIav+bkGHux6nsXKMwmQ9cZOYbK+0zPKnektYsOZWsdbR+573ty/1I3SvSljNTvb7SlLKSzxq71S23+DfHnk1U0iinJ51L0lwjpzrVd8QxXviKZ7lNI4kunjtlp3luTrr7rSVu8zu/HnPp3C2Na5Lq6RzKl0/8OPdZd1kcojwbs6TuWZPmudJaOpIX0zZ9W+3rk6D+nHsax1uqrZy0ihuH1uzeaDzsi23mOXqirpM0rCY3nhO3eetuU/r8TtM7h5dUdwWCtUZap1gSk31C9pi1fDFakdxuutuDwsdKRnmpW633qhfnJtn1hsZIt/Gm6mzJJHIapn1YLl1yfHf6OEK5umQm7VkYi4C4tbLHyqMeujstbIakOJ1Dftrr3lO26bbbPc7segW2MO7PE5zm8eSNkxYjV98j5jZwsrkKiG/fjwX7JPDh5NDoU7OWd5OqN61cEgUwV8/JBifXzOvctmPPNzu/5wwObZekbUuyxW/snOoiPXvO35Cr5kDMd4ubLrO72lK7K7xKyyHj02LH6o7U5ziAmS8s0Jz89ijqUqrKd3z3FY9q0htvTj5VW6lILLikHke+kbM075qO7gpVOo35HMym9KWrzzcWmr7ZX6UDRBFCwEy9qTdvshhxL7CA68auK+VdR9KSEULO4KAXWniztfd30A+SUPj4wBoLsAuFr1zW9jOy2fxWKV2vjcSoYHY0IDBkaDnDJPiFyj4UdWVy06j7cdx7Wq/EU7q9ziH3/kqW6PXcBPwXMGGeIaTUOHH4SUD9TzeAn1ySyNpwGEn4RDKjlHGyRWwpXzMUgHyS12ocekIoPIxkd3fGApW+barHBIL4gyBA3GBlmqFr7NtbPvOrq0A+ILyLFvX2V3h+F29U8BRDTdHdlgwm0iOYnTC74TOdu/Wo1ZvVPn4AOBQ+zeiuUc68YYBxbMVp9UT+pKvthTgjmI32ZkyRKZ+VG//jNF/nq1p7uzQeIf/nNuU4Cptd7MyF/1x0VyZTqqkf+KJ0nWYDJxlq6Mmc/76ix0ttNS10n3gaMBpqOBQ06XWU6J80Ji1YV+WLJ/ObbD8Ieu6GEmod9dvI5lS6p0UKHwWZ39WTzLJR6bgyHDCBojYkh0tiCA1mxcZktDTcyfHH9i0DDhH4Oo3unMLXyp5Wv3kv1ecJeEHRuHjBXPYUCkR220QI7dySsZ+C9QTfjwOzBzhXqRwq0FN0VLTp0uv82jjnxIBPI+8HQQBGhS9zMyhuH218dHrtsQwBF1jwYgPnSsZ785a9huwvnzYgjibsFZyGPlixWCdAKlzpldmF5hb8keoAcSYJ32RzqJA4JBOD3d/OqLNhPQUyQxBaJFueP0UgFCdT/LuNtyY9dT8wr9VIviiMVFhvNNPL+PbKc0x94qQcNVLKLB90ldcY/KYs+3BCzPmOhLW8QzbTxMGfXTHWGFu6f8/m8I+bYjZ/A+S5yXP5Ol9vPrf6ZSFqDLB9vERwODy1SupFB4ogebJ+GrUTgk/XC/qvNcGJAbRbffKhZVlP5uevka7y8hJ6G3+nG50LZ8NS76cZBRCDaTNcIDh43sT2rWZIV3qx0HfTOsgQ9IgFhf1paS9kS8UmLv+e823deCheYHeTjNgfTohuMJ5Kv3btZiC4lFhq2vkF/eAmz3AQ/rS42jv9firX+kTm4z6nk784C6M+fkyJJ1768DwSlG+R8UMcBTq+loj1dT1j81g0aju6FC8YBk4Xa/JGxnYdp8FL5B0f20emG0/Qi7H00THexS5RiUqvWG4mW+pwe1FnMRlLZfXxYN7od0POvrvoFwZMjdk+7iQsBKfryp8mEnVKHbd+OtlDNhDnihAqsUPk10MeZRYB7GmKfBODzVjps1MgYFlBwesA1jSZmIpr/jJ7GZ6tbGKTyL8wyxhTytO9lHgj6l/cU1/iYSO4EiY23/IghN5mZVkV+9n4U5HVIO3JkFLvQFIMHkeXsUojcU7+2H8GiUNYXJaP6hjGnB2701nwY987Y6ztxRUp11ZUYuOluXTujL0Dsy+tky0+it1or6fyZoc/BWacC7igzx6jf90uxUH/LpwkFsiWO5ly9FO06WZx+AhAR4Pwyd9NeAj+ZW+dWn2wvrCG6McO20/V91KhEoEvTha9SJ9ipYbiTxJjQJubzttIdcJMhkBNmbgfKoft4VsR01iiEu7KgCFQmhtXae1sTElrLe1jj8pkJDXXl00l/odK8iMZiQw0PciWBhQka2nHnqQejuyBrd4p9xD6W74Wh1WnGym18tv+wGnXTUDoeWSFbSwPawW+yk4n7UUZq/TaR3CV7aypDVWUD9VJfWrZs19WbfoE+kgnOAEbW9H9eWMb31AF0uPjwxGnstmzPT3BjEssfrICyPlptYZF7/z2JzJUMH820Muiq7ivvHxgV+HyVCsr5jJ8PFjdc0GBIfoDv9rQ6m0MAAA=
.adtelligent.com/ Name: a584890
Value: 4796792589496994157
.adtelligent.com/ Name: a319130
Value: 850b0236-402c-480c-80a6-b7e63113c58c
.adtelligent.com/ Name: a297253
Value: 4796792589496994157
.adtelligent.com/ Name: a307971
Value: ANqxpiOEYKmjGHUN
.admixer.co.kr/ Name: __auid
Value: ef8fac48eab66de45f11bccdebeb99c8
.admixer.co.kr/ Name: __puid_103
Value: 94a029d7ab1d42a7acadae103c5845e7
.admixer.co.kr/ Name: __id_utm
Value: 20220724
.admixer.co.kr/ Name: __id_inf_103
Value: 0_94a029d7ab1d42a7acadae103c5845e7
.aidata.io/ Name: __upin
Value: /c+MqbBO6CTgQ2mafCtHBQ
.aidata.io/ Name: __upints
Value: 1658637898
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adtelligent.com/ Name: vmuid
Value: 9e5feeef637c5eaf
.adtelligent.com/ Name: a307558
Value: d5e5197c-7a1e-4a78-9da1-4863af3b4d9d
.adtelligent.com/ Name: a309255
Value: 39b1bd77-d987-4ae5-99f9-3fcdaddd89e2
.dmg.digitaltarget.ru/ Name: viuserid
Value: tv.2brY1J.UVHeA7OL2v
.adtelligent.com/ Name: a289656
Value: e9e5c140-aef9-49a3-a58a-68590f13d646
.adtelligent.com/ Name: p440467
Value: 94a029d7ab1d42a7acadae103c5845e7
.adtelligent.com/ Name: a318342
Value: f2ac8a999c60a276
.audrte.com/ Name: arcki2
Value: 3i86I5f57Q6THmQzhvZDvG0HQ!20210804!1658637899247
.casalemedia.com/ Name: CMTS
Value: 4378
.1dmp.io/ Name: uid
Value: 5f852320-0b0b-11ed-8677-901b0e934d81
.quantserve.com/ Name: d
Value: EGYBCQHYJoEA
.quantserve.com/ Name: mc
Value: 62dcce4b-5dd04-ab117-4e312
.agkn.com/ Name: u
Value: C|0CEAAAAAAKm-KywAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/ Name: uuid
Value: 36d05c69-9998-4995-87e7-146c3f06c19c-20220724 00:44:59
.adx.com.ru/ Name: user
Value: 62dcce4ba897d83d1044717b

8 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=450af905-f248-4dd7-7dce-ed1d45138a19&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=450af905-f248-4dd7-7dce-ed1d45138a19&reqId=d2e18774-f5fa-4eb4-6672-5abef6c79982&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://adx.com.ru/adspend-sync?confirm=true&r=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2FbzM8eSgCx7JPheJVKZwCKM%3Fsign%3D2309744665%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D62dcce4905f7084a09b3294d&uid=62dcce4905f7084a09b3294d
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
adx.com.ru
ag.innovid.com
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bidswitch-eu.splicky.com
c.bigmir.net
cdn.admixer.net
cdn.flashtalking.com
cdn.lamp.avct.cloud
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
content.admixer.net
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.agkn.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dt.adsafeprotected.com
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fw.adsafeprotected.com
googleads.g.doubleclick.net
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
r.i.ua
r.scoota.co
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
servedby.flashtalking.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
adx.com.ru
104.117.200.100
104.18.18.126
104.18.19.126
104.18.3.81
104.36.113.35
104.90.104.242
142.250.185.226
142.250.185.70
143.204.89.102
144.76.118.200
146.0.227.107
146.0.227.110
15.197.193.217
151.101.66.49
162.55.236.225
176.34.161.246
18.156.126.13
18.192.108.196
18.198.126.47
18.210.31.151
18.66.248.33
183.110.238.136
185.184.8.90
185.86.137.132
188.34.190.35
188.42.191.196
192.82.242.209
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.26
199.115.119.227
205.234.175.175
209.197.3.19
212.82.100.182
213.19.147.45
216.58.212.130
23.203.77.3
23.227.150.210
23.3.108.242
23.3.108.56
2600:1f18:1aca:4282:698a:3145:8fbd:bb17
2600:1f18:6593:f608:78e4:ddc4:e083:81a6
2600:9000:224a:7800:8:48e:53c0:93a1
2606:4700:10::6816:1957
2606:4700::6813:ad6c
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c01::9d
2a02:6ea0:c700::11
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:600::300
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
2a0c:5c81:5139::2
3.125.70.222
3.126.56.137
31.28.167.114
34.111.131.239
34.224.113.183
34.249.212.46
34.252.17.141
34.98.67.61
35.158.200.182
35.227.248.159
35.227.252.103
37.157.4.25
37.157.4.41
37.252.172.37
5.178.65.245
5.178.65.246
5.178.65.253
51.158.29.13
51.68.39.188
51.83.220.94
51.89.9.253
52.212.32.175
52.215.229.217
52.222.236.12
52.94.223.37
54.155.65.255
54.220.48.180
62.149.0.72
67.202.105.31
69.173.144.138
69.173.144.165
72.251.249.13
77.123.132.26
8.2.110.114
8.2.110.206
82.145.213.8
85.114.159.118
88.212.201.204
91.210.190.92
00bf59f55d43d283ebdb708a1af2f358a0ccff19c0a3bf794f1023503911d241
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03d37c6349d258edf301a3614fd4f767796ed45b643828e5102c3ea9d7d6da8d
0a5484cbe12adb89345de750f3ccf8f79fdd46215fb582482f71bad4cbb75b9d
0a927b814339934f4cc07b7db14e4c2b50063a92214a1b8ce64b2562b85e7d78
0ac276e5e7f10c691a5d0f6069a70d835c23e812d5788a78b6502d1cd7bb69ca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c406b530c90df08ffed05e54b0fa8c5141608c6b1552ef9d222ec73e4bdab20
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
0eee007ad106bb9035f94a0055c05c85341666c83e9899da981e24fd6a210100
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1516a519cc9ef0a478c5b7a8d02be31ab28a22e99719113b3181923f88ee1f70
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
175573b8f407972250d72536050be84e0e4fd86686260482ae4e87d8956ce21a
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19179e1a21673cbafe072b392a9e63db4fd03b454ad484183b61522e58fa9029
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
22a9f62ea5eec60503b84a375c1b571103dab87cb0ecec5f1c5aa4f8636adc8b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f4cec16cd84d3ba943306792a8a1b09e9881c1f23110fa652e1a65e0992da9
2a874941fabbe5b9c7f5854d103387cc4c32a06f7e2c7c81444633460eb4259c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2da35fbda1d1846dafe19cd1bc79afce518145cf24e6e7f318c5c4a18b811a0b
2dc65860b89577cfe093a91964c5d8c0ca505f600e199b10ae4e034ff0cefbaf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
325ec957f575f1846f632c9a71cd599f2294e0920525088bf49acf87b82f1bdd
34625ede3b3644abfc00e40147a80485bfe61312a2915aa8afac90eb0d104668
35e73d4f108582632f411c4f61edfb3fe874dcfa3c18e47f93b94e1712c3925b
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea
38a87c1e66e4e88ad2b264bae1b0a7f138816be2bb4c3870860d2e9a22dd8f67
3968dd09f5ff8790fdf9953c4457d88a6dce103503701ab0001e95b6ec4d03c0
3c299d85c164bbdd6657d53566dd74cbc349508fc62a174f3674af234a8c0e2e
3cf850f22514602ed144862a4da9caed752b580dc542a59943f39286d2cafb6f
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3e29abd7a308fa90b7e627ccae0c3a4695241897e7ab0a9cb71de1da94703e80
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b30a38dcd64ea99edd332b2134aa7cc6d7a3cef11ce2d20787a67b43f9a8f1
463e754c66aea8720b023ae9cc2065aeb46be40ad8a4376766d10d393fdbe76d
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
499b0de0a7f31ba636995678a50a535cf28bc3553905195df097cd8715676182
4a6c73c4ba10fd3868df0233d6163e04aac59821eff0699ba848f2484b06e52d
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c817911e2610a0b53b5da708720886470d4a26cb7afe0fd0e73a75a1fe2a6aa
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f83989b716d6a6ffa798e80070b0a157b5b74944b1e737b8a3a6e5037818339
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
5197b0a1fdb1721f5f755aa8621b7eb9bc849dd7a3e784575b4de5b3a2a79eb2
52e1b59467c38275e8528ce053be985ed7d5bf29b21bd4e4db70ac7f72f8a1a8
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d081e724949aa6bfc1878e0b692f9e95e539f4422531c641f2633f5ef6b23e
56ebfd621741401da5b27289fa3f12f1e6364609466e49989666d355429219d7
5a7f805a6bc1154a08c69b3a6adb318a6e709dc656add8748261c72eddde5750
5bae28411058bdc317781ecd7eab90fafa25c679a9eea8c325743547782f1feb
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
600f7813fa24166524142bd0a13be2db64c012c353a274a978e85d43d68f2f29
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1
66148a6c99dd99eba843f7569fc49021913d5f69283f39e65d39649917521d63
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1d7c70a23972467375b9b296dd772a56f929838e1a7ef619cc4848bd656cc2
6bea645d2c45d44d35ebb8d0e72ce7053b10f918d5f1536bd825a1875fb34fa2
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
755bbf4c5bc0eb29b590cddd5c19be2800bcfe3f5a4e6ab394a011b9587329a4
77932328acb596d182b091fc4841a570ca9b1ca14a858dfd1cbd00dc6d908ad1
7a93d212ee0ac18acb536f2aecc77b821794d221d3127d8f0e820b1a926c6d58
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754
7d055a46ca72d163a1e5bf69108bd9fd0a2fb324bf17b2556c56f530f97a4279
80acef942119ac8bdd7c7227e7bf664ad569cac24b6ff0695ef2e0c86a8a813b
825cd79ab23261f80590f157de7ba6b3a01ea84c925d041d5db54f94c5345970
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
865b46a519ec726714390fae540f3b0538748f04b628a23dd70a7e5add01eed7
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
8715480336d368deed57f6f516a2ece4a0ddd8b09bdbd63216fa0201659af937
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a0d667c175a45e955580fb2430449db16b126cde4036018c942f9959d5524c5
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
913a414d89a4e99a4804e3eb208479ba090542422d952eecd4f692d2803e9183
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
964615479bf7eb8601c8fc6438d983091f53b0d99e0e087941c46074e8631df8
98152d185a09fed649566f5d43fc272b336d544a577d01475562388c6c697c8f
98c90495a3546a4571818cdc6b1d499d334dba910f9b5e355127fa35f3858f52
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
99721769d14ff36caac1221fe74b73328c439dcc8b9e3936cf53787771517f99
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac5125d544d751f9f67e7b1e0de88074167fc9e5ea2cdcaaa95e3a88b8e12a4
9b87d0b5fc7f669ba409eb31092c9f10bcecd54262acf8cec47fb474f35c23b5
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a60deb6fc2c67e117b422b15354d45ffee977df4be2c6ccb88bfec48b8066c01
a6277d13398b9f4a1b0d01ebbc8a63ef62ccce0862b48cd7cff322c2e93e818f
a71697f8babbf6452209b1be5cb48f87078c71fb57137c4ece9f77df455ebc97
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abfde8fdf415962e66c31a475fa8c7929aba9bf645bf2218a08da2845817b16d
ad22138ad199af386c214affea8d76c776a7bc79c16ec14f8c051791afdb533b
ae51dd011ff68063542e2d2b360a3814eeaad33c42d543f73d1220f81fe426f9
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c2e085d33e1a7e36b84b919640123ea5a409ba2435ccce5f6f42875eaa037d
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b3f6e920157c30a004b4c6c840470829214a6d8c5b1e92d2715008362fd44038
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b4ebcbd69f2f140f399a968b1a70b5a37f076a90a15c987e1354d722951c16dd
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b9c2a2bb3b98dc1b694b769c314d129f3b817e8eaa0f4ad03f50ebeffdd57a28
bbeca1c0c7513a60e5ca1bf62e0215b3dc3cf3ea116918b43dce1704d72cbac7
bde46880a61444df13c38484e4b3e4dc7fd34380d4577a0c453e6776539873ff
c17937534b79fd1af365f2e98e4d8262edcb89c02158dc71f54a3dbba8e643df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24d753a6ebfa39bde3fe7a8310dbabb2c8a0c5c1aa31dd9216bbf19afb8c968
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c5f66860cf3401f84e99aed75cebadc62a8dd51a0e4442ae9d13c06633e88e2c
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ce1838f5b2b77392d7a94d2adebe366dfdf9c348e02b8894e9d286ab0f79020d
d39c424dbdca7d33722bad2ae2d7f02006d6a7be9e71d8085cce99599cbdd149
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d590ac8cfe5b4ad0b92bf635ed9e6399ddc8a70550e86e818b4c3d6cdd3a4705
d887b8ff91f9b74d7b220fbf4091d63d10395dcb3891f2571f03f1ff13493e65
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dcbba3268cddc640779c17d22508771332e21bc4b2376a7ce88dc95d64b266c4
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de769643ad3b9ae7fa9c164ec7821f776997b7dac6098886c270bf972ad8f032
e00578f0fb82923000878d8cf4ca887e505221fa9feaf66ae03644f28bd9fa26
e0db57088d0c9d4678dc514584d4498bbb12d0c021d346a5374146f65218ed0d
e2658e5ca7730f48183a2e9361428c89bea5ad195145319f6850f4c5b5e0770a
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa16140fcc62094da6354c287e49c888d2dcf1f9fb230872cbae8be3ca57ee9
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f430ba97631fa44ee9b7b51d119d57d584de986257c84aa097c87fae81336f09
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f7f57e73dc706cf90f567c2a859529719d5a0fdbd7285a2248f2958b9df37a1c
f94e8a28820779ae32f6699ed4c41bb2197c32360bca72919a55d962db4acf04
f94fac4a3eb3855941efbd4014d8a8e46ba6304e10e3e798bae5dbe6a13b251e
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdd035c80fa36c9a14ec616161194eeb8a684ca0f207329f753333a7a7fcfa42
fe5e8fd2692019dd0df29649fc941be1170dd9054a0d0daae435420c2c6347c4