www.zdrave.net Open in urlscan Pro
193.107.36.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%8...
Submission Tags: falconsandbox
Submission: On December 05 via api (December 5th 2022, 2:41:29 pm UTC) from US — Scanned from DE

Summary HTTP 119 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 119 HTTP transactions. The main IP is 193.107.36.30, located in Bulgaria and belongs to SUPERHOSTING_AS, BG. The main domain is www.zdrave.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 21st 2022. Valid for: 3 months.

This is the only time www.zdrave.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 52	193.107.36.30 193.107.36.30	201200 (SUPERHOST...) (SUPERHOSTING_AS)
3	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:49::44 2620:1ec:49::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
119	21

52 193.107.36.30 (Bulgaria) 1 redirects

ASN201200 (SUPERHOSTING_AS, BG)
PTR: server25.superhosting.bg

www.zdrave.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdrave.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:49::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.45.184.134 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	zdrave.net 1 redirects www.zdrave.net zdrave.net	921 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	421 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	79 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	146 KB
6	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 1399 a.clarity.ms — Cisco Umbrella Rank: 10403	20 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	2 KB
2	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	95 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5234 adservice.google.de — Cisco Umbrella Rank: 7808	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	87 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	694 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 876	7 KB
119	14

	Domain	Requested by
51	www.zdrave.net	www.zdrave.net
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	www.zdrave.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
4	a.clarity.ms	www.clarity.ms
3	www.google.com	1 redirects www.zdrave.net tpc.googlesyndication.com
3	fonts.googleapis.com	www.zdrave.net googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.facebook.com	1 redirects connect.facebook.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	connect.facebook.net	www.zdrave.net connect.facebook.net
2	www.clarity.ms	www.zdrave.net www.clarity.ms
2	www.google-analytics.com	www.zdrave.net www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.zdrave.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	maxcdn.bootstrapcdn.com	www.zdrave.net
1	zdrave.net	1 redirects
119	21

This site contains links to these domains. Also see Links.

Domain
twitter.com
zdrave.net
www.facebook.com
mediamonitoring.zdrave.net
www.linkedin.com
plus.google.com
www.xn--e1aldfgn4g.xn--90ae
blsbg.com
news.google.com
platformata.bg
www.portalnapacienta.bg
child.unihosp.com
bba-bulgaria.com
none.bg

Subject Issuer	Validity	Valid
zdrave.net cPanel, Inc. Certification Authority	`2022-10-21` - `2023-01-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-13` - `2022-12-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
Frame ID: 71A4EF0210915F9D43D8353C7AC62CE6
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 60271123F281D0CB1072ACBF907B68ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&adk=1812271804&adf=3025194257&lmt=1670251284&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283570&bpp=4&bdt=555&idt=346&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6136536367740&frm=20&pv=2&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396
Frame ID: B0298E2BC5927A16398D381CC742A64E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1670251284&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283574&bpp=1&bdt=559&idt=419&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lDp4wG7EUo&p=https%3A//www.zdrave.net&dtd=433
Frame ID: 5657CC7D850CE6D672B8C9684097E934
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1670251284&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283575&bpp=1&bdt=559&idt=443&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rrZoBM5zRu&p=https%3A//www.zdrave.net&dtd=449
Frame ID: 8F1BB023052E68DCCBE6BCEF58C3CFA9
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html
Frame ID: 6CBC7CC9B3D13F72F2705346256FECC7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B98C20C7559CA0B26AF8CEC9FF112B2C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 287F0F500BD9165D1C265072ACE41996
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2f99f520b1585c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ffdeec2a5af2228%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300
Frame ID: 3B0359A321322E4E8EF3E00125CA0312
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D841E91F97DFFE06BE13D71E66CFA3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07392C97EA1795FF61DDC2B76DB0292A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

90% от „лекарите, на които вярваме“: Да се въведат ДСГ, но не веднага, а постепенно

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

99 %
HTTPS

90 %
IPv6

14
Domains

21
Subdomains

21
IPs

4
Countries

1802 kB
Transfer

3370 kB
Size

9
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/NetZdrave

Search URL Search Domain Scan URL

URL: https://zdrave.net/news.xml

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Zdravenet-102162099889218/

Search URL Search Domain Scan URL

URL: http://mediamonitoring.zdrave.net/
Title: Медиен мониторинг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571&title=90%%20%D0%BE%D1%82%20%E2%80%9E%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,%20%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%B8%D1%82%D0%BE%20%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5%E2%80%9C:%20%D0%94%D0%B0%20%D1%81%D0%B5%20%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82%20%D0%94%D0%A1%D0%93,%20%D0%BD%D0%BE%20%D0%BD%D0%B5%20%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,%20%D0%B0%20%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE&summary=Zdrave.net

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571

Search URL Search Domain Scan URL

URL: https://www.facebook.com/empowerare/

Search URL Search Domain Scan URL

URL: https://www.xn--e1aldfgn4g.xn--90ae/

Search URL Search Domain Scan URL

URL: https://blsbg.com/bg/vsichki_c82

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMNvapAswnuW8Aw?hl=bg&gl=BG&ceid=BG%3Abg

Search URL Search Domain Scan URL

URL: https://platformata.bg/bg/kauzi/915:covid-197/details/campaign.html?fbclid=IwAR0umOEKn-AeTeocbaWoEAk9XLwcuZt3Vk-T4d-pmtzkKrZzmgK-oX3LuDg

Search URL Search Domain Scan URL

URL: https://blsbg.com/bg/bls-obiaviava-konkurs-po-progama-za-podpomagane-obuchenie-i-izgrazhdane-na-liderski-i-komunikatsionni-umeniia-sred-bdeshchi-lekari-za-2021-2022-g_p10751.html

Search URL Search Domain Scan URL

URL: https://www.portalnapacienta.bg/

Search URL Search Domain Scan URL

URL: http://child.unihosp.com/

Search URL Search Domain Scan URL

URL: https://blsbg.com/bg/3648.bls-restartira-nacionalnata-kampaniya-sreshu-nasilieto-nad-medici-pod-mototo-dobrata-duma-lekuva.html

Search URL Search Domain Scan URL

URL: https://bba-bulgaria.com/

Search URL Search Domain Scan URL

URL: http://none.bg/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://zdrave.net/images/icon.png HTTP 301
https://www.zdrave.net/images/icon.png

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://www.facebook.com/v2.8/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f99f520b1585c%26domain%3Dwww.zdrave.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.zdrave.net%252Ffdeec2a5af2228%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FZdravenet-102162099889218%2F%3Ffref%3Dts&locale=bg_BG&sdk=joey&show_facepile=false&show_posts=false&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2f99f520b1585c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ffdeec2a5af2228%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request n23571 Show response
www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0... 107 KB
19 KB 356ms
80ms Document
text/html 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache / PHP/7.0.33

Resource Hash

4480d5f8426748ec2e1d1e62daf66a66217223a23fbccd0415d966b12c524c01

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 05 Dec 2022 14:41:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Mon, 05 Dec 2022 14:41:24 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.0.33
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 149ms
62ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07a168823a66228242f1c214eee0ad58395acbd1eacc5fa5ae1e3e9816a22961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:41:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:41:23 GMT

GET
H2 200 default.css
www.zdrave.net/css/ 1 KB
631 B 50ms
48ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/default.css?version=3.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

f449d1503fabfc8367b7e1698ae3d62c4a5b4c1cd88fe05d0b00881d6fcbb0c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3e-432-58ddb172a1f9f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 499
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 jquery-latest.min.js Show response
www.zdrave.net/js/ 94 KB
33 KB 55ms
53ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/jquery-latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 03 May 2017 08:52:15 GMT
server: Apache
etag: "7b00c79-1762a-54e9ac5dbcdc0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33225
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 menumaker.min.js Show response
www.zdrave.net/js/ 2 KB
652 B 50ms
49ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/menumaker.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a2f9715182c9ec076818f9f7c3291f1d03da74d0edf4a12f7c69d62fa65481dc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c7f-643-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 550
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 script.js Show response
www.zdrave.net/js/ 172 B
226 B 51ms
49ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a5a177c215b89cccf0a6dc99c27e896853a287f0e822ff64682fe36a8e16d405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c82-ac-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 165
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 bootstrap.min.js Show response
www.zdrave.net/js/ 27 KB
7 KB 52ms
51ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/bootstrap.min.js?ver=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:21 GMT
server: Apache
etag: "7b00c78-6cae-54e7520252a40-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7283
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 c.js Show response
www.zdrave.net/js/ 7 KB
2 KB 51ms
50ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

776caf23f2dd61692e8bf8ec85e98407dcdf172758472b2166b12e659853e098

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Thu, 02 Aug 2018 13:05:25 GMT
server: Apache
etag: "7b0023d-1a2d-5727376e9af7c-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1970
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 jquery.twbsPagination.js Show response
www.zdrave.net/js/ 11 KB
3 KB 51ms
50ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/jquery.twbsPagination.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

0878b7a70b07f41f8dffb16561bb8a07da29a2e21c353e30de2141cd90c298f5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 10 May 2017 09:25:18 GMT
server: Apache
etag: "7b00c7b-2cff-54f280cf19b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2745
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 229ms
137ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40c8491dd8d25e206d281e7d8bec063037caef34d452809d1ddc08d0e6988eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48974
x-xss-protection: 0
server: cafe
etag: 13162428606479717485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:41:23 GMT

GET
H2 200 logo.png
www.zdrave.net/images/theme/ 8 KB
8 KB 53ms
44ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c3ddaa5eecec0e0081656dd442d14e03fcd302b4400d8b8af9e62d25b27a68b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7e-1f7a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8058
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 rrssb.min.js Show response
www.zdrave.net/js/ 5 KB
2 KB 46ms
45ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/rrssb.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c6b16c1f0ed9249a4c2c2da6b7ebc2e25aef5998ddb8b311e312a9cfe20247b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "7b00c81-156d-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1934
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 comment.png
www.zdrave.net/images/icons/ 2 KB
2 KB 54ms
45ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/icons/comment.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c318714f0ec6a40faa4c30ae5c6beb71661d82568f18565219bfb1550224462f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:17 GMT
server: Apache
etag: "eed5a58-6dd-54e751fe82140"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1757
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2

200

icon.png
www.zdrave.net/images/
Redirect Chain

https://zdrave.net/images/icon.png
https://www.zdrave.net/images/icon.png

3 KB
3 KB

45ms
45ms

Image
image/png

193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/icon.png

Requested by

Protocol

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c32886a5d00d2b4761daaa1cabb05eb082e41eb34943699ea64da7b27a8518a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 30 Nov 2017 05:53:18 GMT
server: Apache
etag: "7af131f-c3d-55f2cde664f80"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3133
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

Redirect headers

location: https://www.zdrave.net/images/icon.png
date: Mon, 05 Dec 2022 14:41:24 GMT
cache-control: max-age=2592000
expires: Wed, 04 Jan 2023 14:41:24 GMT
server: Apache
content-length: 246
content-type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.4.4.min.js Show response
www.zdrave.net/js/slider-images/ 77 KB
27 KB 51ms
51ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/slider-images/jquery-1.4.4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "2861f8e-13309-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27073
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 jsCarousel-2.0.0.js Show response
www.zdrave.net/js/slider-images/ 11 KB
2 KB 49ms
48ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/slider-images/jsCarousel-2.0.0.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

b86d7688284b356fc73bf814453d2e5f81c3e42403967512a7b51516bb436892

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Mon, 01 May 2017 11:57:22 GMT
server: Apache
etag: "2861f8f-2d2a-54e7520346c80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1815
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 image.php
www.zdrave.net/ 88 KB
88 KB 115ms
107ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/image.php?width=600&image=https://www.zdrave.net/ImagesDB/News_23571/1664198266-lekarite.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache / PHP/7.0.33

Resource Hash

8bbaf59d66080803e89d5759a5f0cffb3bb1d9b9569986a1bcc1285e0682fd84

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.0.33
etag: "da00ea97af77a798d4080757de95ffeb-gzip"
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1664198266-lekarite.jpg
www.zdrave.net/ImagesDB/News_23571/ 88 KB
89 KB 54ms
46ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_23571/1664198266-lekarite.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

8bbaf59d66080803e89d5759a5f0cffb3bb1d9b9569986a1bcc1285e0682fd84

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 26 Sep 2022 13:17:46 GMT
server: Apache
etag: "86b0477-16071-5e9945a7d4744"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 90225
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 user.png
www.zdrave.net/images/ 5 KB
6 KB 52ms
45ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/user.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

3a685bfca7b3da8b42fddd6f480ab33dc0ac3287d3bd7d08b96626140ad65223

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:19 GMT
server: Apache
etag: "7af1326-1590-54e752006a5c0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5520
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1670245310-invitro.jpg
www.zdrave.net/ImagesDB/News_24332/ 62 KB
62 KB 55ms
48ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_24332/1670245310-invitro.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

17eaee734a775f1f235ed9bd7776afdf4c75ca2bf4e39ace0edccb7a2a963bfb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 05 Dec 2022 13:01:50 GMT
server: Apache
etag: "d5206a5-f761-5ef144a65470c"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 63329
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1670243810-7712764-image.jpeg
www.zdrave.net/ImagesDB/News_24331/ 29 KB
30 KB 54ms
47ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_24331/1670243810-7712764-image.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

ceeb80cc9eaff5f737aa00110c4121e4ba6374db55ffd8bb227e56d01b3d6b94

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 05 Dec 2022 12:36:50 GMT
server: Apache
etag: "d520689-75fe-5ef13f0ffe02b"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30206
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 47_redki.jpg
www.zdrave.net/bannerInside/ 18 KB
19 KB 54ms
47ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/47_redki.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5a5da5d4b4efc7e40e1165624e027145a6c38a0052e0b673fdcb8fc91951a3e0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 01 Dec 2022 10:12:36 GMT
server: Apache
etag: "7ab112a-49c3-5eec175d5cdcb"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18883
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 44_plusmen.jpg
www.zdrave.net/bannerInside/ 13 KB
13 KB 55ms
48ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/44_plusmen.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

ad2d3eda55065150c5f357e5f97eee07ad613fe71a581d4f91cb76227a6942da

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 21 Mar 2022 14:00:34 GMT
server: Apache
etag: "7ab10c8-33da-5dabaeb8e6c97"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13274
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 43_bls.jpg
www.zdrave.net/bannerInside/ 46 KB
46 KB 92ms
85ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/43_bls.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

d7e56e7336c292a43f7630b098dcb604c4f9a9d6ad26bbb75fe3687797908692

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Tue, 15 Mar 2022 10:05:49 GMT
server: Apache
etag: "7ab10c2-b6e0-5da3ef0ffef23"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 46816
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 42_baner-zdravenet_google.jpg
www.zdrave.net/bannerInside/ 14 KB
14 KB 98ms
92ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/42_baner-zdravenet_google.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

1309ddeec5bde7ef3550f4e95bd348d46211e52a3a62a2ad77fcf935f98dda0a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 23 Dec 2021 08:19:42 GMT
server: Apache
etag: "7ab1023-37d7-5d3cbe6815b97"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14295
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 41_fund_deca.jpg
www.zdrave.net/bannerInside/ 13 KB
13 KB 100ms
93ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/41_fund_deca.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

94fa68fdd95ac855f8507740b330a861a3bce4c06427da75ad5853bb01e704ab

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Fri, 11 Dec 2020 08:20:55 GMT
server: Apache
etag: "7ab0d1e-352e-5b62bf8a6a2cc"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13614
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 37_bls_baner_2021.jpg
www.zdrave.net/bannerInside/ 11 KB
11 KB 99ms
92ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/37_bls_baner_2021.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

27c1eca2afe6e04c1b1dbf67f7737b1433f73abf5fd4218077cecf29ae81cc6f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 28 Oct 2021 07:56:59 GMT
server: Apache
etag: "7ab0cd9-2acc-5cf650e26e0fb"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10956
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 33_pr_care.jpg
www.zdrave.net/bannerInside/ 21 KB
21 KB 149ms
142ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/33_pr_care.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5ba9ff8e083888645d374b506836d0d7824b45e7e77a16ed08c7c63c81141917

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Wed, 18 Dec 2019 10:22:47 GMT
server: Apache
etag: "7ab0616-541b-599f7d37e494d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21531
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 26_camp.gif
www.zdrave.net/bannerInside/ 105 KB
106 KB 149ms
143ms Image
image/gif 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/26_camp.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5ab8a6d729d40258c07b55b51f4ee107727ac32c83f2475f875ad48cd0dcee9e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 21 Nov 2019 14:18:37 GMT
server: Apache
etag: "7ab05cb-1a583-597dbf9260bde"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 107907
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 24_BLS-baner.jpg
www.zdrave.net/bannerInside/ 27 KB
27 KB 149ms
143ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/24_BLS-baner.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

729d6b9a58b6c92007ccbd682ae0de886462e54c4966d4189f3f746214404198

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Fri, 15 Feb 2019 11:10:42 GMT
server: Apache
etag: "7ab3417-6a09-581ecd3660bc0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27145
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1_10_bba-1.jpg
www.zdrave.net/bannerInside/ 82 KB
83 KB 151ms
146ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/bannerInside/1_10_bba-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

84b871d5eb4a2dcc2a79dcddc492dfda7e095066914ef8e7fd481c2a31ffa9c8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 24 Jul 2017 12:41:08 GMT
server: Apache
etag: "7ab3909-148c9-5550f87658100"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 84169
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1669288964-apple.jpg
www.zdrave.net/ImagesDB/News_24222/ 41 KB
41 KB 148ms
143ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_24222/1669288964-apple.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

ff49ef60cf91b017a1b745c0fd09acce50a695fd20aa0f27a3a60f274c19ad41

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 24 Nov 2022 11:22:44 GMT
server: Apache
etag: "9920643-a3a8-5ee359fc6adfc"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 41896
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1644924027-pari.jpg
www.zdrave.net/ImagesDB/News_21096/ 49 KB
49 KB 149ms
144ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_21096/1644924027-pari.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

498288a8a7c75ee136fca9a5f1e6d2b5c451db4591d91418abfc16d2cfb67724

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Tue, 15 Feb 2022 11:20:27 GMT
server: Apache
etag: "7ff0025-c35c-5d80cb852e78d"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 50012
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1620808033-podpis3.jpg
www.zdrave.net/ImagesDB/News_17635/ 24 KB
24 KB 149ms
144ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_17635/1620808033-podpis3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

09f87e0fec746de870049d9fc6ff4e4edf1126968dce6fd0ca8892f7af2705c7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Wed, 12 May 2021 08:27:13 GMT
server: Apache
etag: "8740299-60f7-5c21dc71bbf2e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24823
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 1617726323-covid-stop.jpg
www.zdrave.net/ImagesDB/News_17221/ 21 KB
21 KB 151ms
146ms Image
image/jpeg 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/ImagesDB/News_17221/1617726323-covid-stop.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

cbd23f377c6e6dec469785ffea8856431946fba633d036289af3b96c0ef8377c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Tue, 06 Apr 2021 16:25:23 GMT
server: Apache
etag: "a4c0039-54b4-5bf5042debd05"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21684
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 noframework.waypoints.min.js Show response
www.zdrave.net/js/ 10 KB
3 KB 48ms
48ms Script
application/javascript 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/js/noframework.waypoints.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2017 11:19:18 GMT
server: Apache
etag: "7b00c80-28ee-5527689f97980-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3132
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 none.png
www.zdrave.net/images/ 4 KB
4 KB 153ms
148ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/none.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

1369787835af869aff7b52ee93d7a13b1f92b3492e9a1f0bf03e32c41d5780e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "7af1323-f5e-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3934
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 64ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 27153979
cdn-cachedat: 2021-06-08 14:23:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 990eb37a8813a99367bd383681b974a4
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 774d8ad87b039066-FRA
cdn-requestpullsuccess: True

GET
H2 200 rrssb.css
www.zdrave.net/css/ 8 KB
2 KB 51ms
44ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/rrssb.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

e6776a7594a2024babdfe16f8085fb1b252f1abee124c62649765fb362aaa7d0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a46-1f76-58ddb172d7719-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1507
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 bootstrap.min.css
www.zdrave.net/css/ 4 KB
1 KB 53ms
44ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

733714607acfa84239ae2242f87f105f82ca50b77ad89ab5063f6280bbae1d47

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Tue, 25 May 2021 05:59:37 GMT
server: Apache
etag: "7aec8bc-f23-5c3213b26ad92-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1084
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 common.css
www.zdrave.net/css/ 1 KB
747 B 48ms
46ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/common.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

a52e781c2a4db6781cc86beebc89d121a183b8a48dac796eca08de3b4c0b3260

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3d-5e9-58ddb1729aa6f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 685
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 theme.css
www.zdrave.net/css/ 17 KB
4 KB 51ms
49ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/theme.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

5f298c5f7b81a280b862dbf20a96c7bc4a5956bb3681180b27a505895da08291

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 14:02:12 GMT
server: Apache
etag: "7ae56c2-459a-5eb63a7c7d3e3-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3490
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 index.css
www.zdrave.net/css/ 11 KB
2 KB 49ms
48ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/index.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

fe33791d0ed4232d5f276eb5d3ee5b844128c79cd09722b338e43abed2695b26

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Sun, 15 Sep 2019 12:45:30 GMT
server: Apache
etag: "7ae56c3-2b3b-59296dccbfe00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2163
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 navigation.css
www.zdrave.net/css/ 5 KB
1 KB 48ms
47ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/navigation.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

d3a7933ceea5975f066f9787abf8b060585444d1cb6bf8d8d6993e8421cbe405

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 11:53:27 GMT
server: Apache
etag: "7ae0a43-15f7-5a0bb1e1236b9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1406
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 images-slider.css
www.zdrave.net/css/ 1 KB
467 B 49ms
48ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/images-slider.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

396b648d43188cce8b04129d6084ef3581feecde5d7248f6b15621947d57c2f6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Wed, 17 Jul 2019 07:03:29 GMT
server: Apache
etag: "7ae0a3f-403-58ddb172a94cf-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 405
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 mobile.css
www.zdrave.net/css/ 13 KB
3 KB 50ms
50ms Stylesheet
text/css 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdrave.net/css/mobile.css

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/default.css?version=3.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

c406a9b6bbf5c1d7a070ca7d6d7c579cb57bacfd8b47c30f9598de88833937bd

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/default.css?version=3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 08:15:16 GMT
server: Apache
etag: "7ae0a42-358d-5a0cc2fa93dd7-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3120
x-xss-protection: 1; mode=block
expires: Wed, 04 Jan 2023 14:41:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 13:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5137
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 05 Dec 2022 15:15:46 GMT

GET
H2 200 6699u7okzw Show response
www.clarity.ms/tag/ 1 KB
1 KB 211ms
125ms Script
application/x-javascript 2620:1ec:49::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/6699u7okzw
Requested by: Host: www.zdrave.net
URL: https://www.zdrave.net/%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8/90--%D0%BE%D1%82--%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5,-%D0%BD%D0%B0-%D0%BA%D0%BE%D0%B8%D1%82%D0%BE-%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5---%D0%94%D0%B0-%D1%81%D0%B5-%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82-%D0%94%D0%A1%D0%93,-%D0%BD%D0%BE-%D0%BD%D0%B5-%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0,-%D0%B0-%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE/n23571
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f3de54ac1bd96d0aa3367f12fc533cc8afc9f84f36ea4e821bee98daac0308cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: application/x-javascript
date: Mon, 05 Dec 2022 14:41:23 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0EwOOYwAAAADF2BOkFiUSSKbZRzHbFzIKRlJBMjMxMDUwNDE4MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 google-plus.png
www.zdrave.net/images/theme/ 518 B
575 B 146ms
141ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/google-plus.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

28410b7bcdf8824fa405fe091d2f401c5b71e36ee5e431dc6a944cc22464de0c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f77-206-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 518
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 twitter_active.png
www.zdrave.net/images/theme/ 4 KB
4 KB 149ms
144ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/twitter_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

0aecfb25b75ea853c7bdd9f2ae4620cc1f8f63942127014ff31f28564e006ecf

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Thu, 10 Jan 2019 14:46:44 GMT
server: Apache
etag: "2862126-fe9-57f1ba5b9f2fb"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4073
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 rss_active.png
www.zdrave.net/images/theme/ 3 KB
3 KB 148ms
144ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/rss_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

599411752c0cbc0680d552dce5faeda913b91f9e4879eed770533c30395a0ca7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 04 Dec 2017 19:16:05 GMT
server: Apache
etag: "2861f83-c46-55f888cbde740"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3142
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 facebook_active.png
www.zdrave.net/images/theme/ 14 KB
15 KB 145ms
141ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/facebook_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

f6e6967c12c98373a9bf1252d3491517032f8cfd9cd203885eb274df35180f1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 04 Dec 2017 19:26:10 GMT
server: Apache
etag: "2861f74-3982-55f88b0cd7880"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14722
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 17:29:15 GMT
x-content-type-options: nosniff
age: 249128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:29:15 GMT

GET
H2 200 search.png
www.zdrave.net/images/theme/ 389 B
445 B 141ms
140ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/search.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/theme.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

46d5ada7d42ccd1d918e9097eb2e58f0fbb8d7ebf230bff43fee1946c669fde7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/theme.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:19 GMT
server: Apache
etag: "2861f85-185-54e752006a5c0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 389
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 menu_inactive.png
www.zdrave.net/images/theme/ 1 KB
1 KB 140ms
139ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/menu_inactive.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/navigation.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

04b75c37a7d5b3be61e313fd0dc248329785547e15283a83ffbbb9886c0aac44

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/navigation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f80-41a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1050
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 menu_active.png
www.zdrave.net/images/theme/ 1 KB
1 KB 145ms
144ms Image
image/png 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/menu_active.png

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/navigation.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

e922c29650768eee04e952c7b49e2c80d181ae7d4c00044a18191936093cfd6a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/navigation.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7f-41a-54e751ff76380"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1050
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/ 16 KB
16 KB 155ms
76ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans|Noto+Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:59:38 GMT
x-content-type-options: nosniff
age: 603705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:36:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 14:59:38 GMT

GET
H2 200 line1.gif
www.zdrave.net/images/theme/ 1 KB
1 KB 116ms
115ms Image
image/gif 193.107.36.30
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zdrave.net/images/theme/line1.gif

Requested by

Host: www.zdrave.net
URL: https://www.zdrave.net/css/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.107.36.30 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),

Reverse DNS

server25.superhosting.bg

Software

Apache /

Resource Hash

6847fba5c78232ebd70ccc160948b4290b21425ca15970e4fab8cd7b17148c73

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
last-modified: Mon, 01 May 2017 11:57:18 GMT
server: Apache
etag: "2861f7a-4af-54e751ff76380"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1199
x-xss-protection: 1; mode=block
expires: Tue, 05 Dec 2023 14:41:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/bg_BG/ 3 KB
2 KB 35ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7157d841ee10fef56904efe3f0188bcc891d408708fb82bc637a53f5f8a0aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 14:41:23 GMT
content-md5: 55rw7DZ78rb7B+sckp/Vhg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 0JaFeqx3mmWc5IpOgo/QC6we98q9XHe4ymEptlyoEZHVXdqNWhPLTuPsiTujFCg0o5MHGWLZm+8p6S3rGXSVRw==
x-fb-trip-id: 686109401
x-fb-content-md5: ea069afe9777f9b7c19cbc859e9bf45c
cross-origin-opener-policy: same-origin-allow-popups
etag: "227077562f4026408f53edfa8e5906be"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 05 Dec 2022 14:47:59 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/bg_BG/ 301 KB
85 KB 22ms
10ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/bg_BG/sdk.js?hash=fd0c190987d99bb9645e5dfbd1511dbe

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

892f858e2c9479b6a3d53f9e66d02ab26cb2766e95205af3309166a6a7417830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.zdrave.net/
Origin: https://www.zdrave.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 14:41:23 GMT
content-md5: TiOA2NuTRjpJXOhiJnm5cg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87050
x-fb-rlafr: 0
x-fb-debug: nCXvUnrQuM5fwhmu83TZj7a6LUoq7N7opZc2RGp15zqVk43ipl3oXppgH5WI0FbG2uFyuxhpFJ/J2pV1d+92SA==
x-fb-content-md5: 6b11e48a9008ab0d280b24669791df44
cross-origin-opener-policy: same-origin-allow-popups
etag: "d442f94b437acd43e4d407aa70ff4d46"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Dec 2023 12:00:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 131ms
50ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=22862176&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&ul=en-us&de=UTF-8&dt=90%25%20%D0%BE%D1%82%20%E2%80%9E%D0%BB%D0%B5%D0%BA%D0%B0%D1%80%D0%B8%D1%82%D0%B5%2C%20%D0%BD%D0%B0%20%D0%BA%D0%BE%D0%B8%D1%82%D0%BE%20%D0%B2%D1%8F%D1%80%D0%B2%D0%B0%D0%BC%D0%B5%E2%80%9C%3A%20%D0%94%D0%B0%20%D1%81%D0%B5%20%D0%B2%D1%8A%D0%B2%D0%B5%D0%B4%D0%B0%D1%82%20%D0%94%D0%A1%D0%93%2C%20%D0%BD%D0%BE%20%D0%BD%D0%B5%20%D0%B2%D0%B5%D0%B4%D0%BD%D0%B0%D0%B3%D0%B0%2C%20%D0%B0%20%D0%BF%D0%BE%D1%81%D1%82%D0%B5%D0%BF%D0%B5%D0%BD%D0%BD%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=317447569&gjid=235503163&cid=1615215912.1670251283&tid=UA-1859235-1&_gid=1360002131.1670251283&_r=1&_slc=1&z=1439214303

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zdrave.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-d/s/0.6.43/ 54 KB
18 KB 12ms
9ms Script
application/javascript 2620:1ec:49::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-d/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/6699u7okzw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:23 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
etag: "1d9026a431ead4c"
x-azure-ref: 0EwOOYwAAAABqxf5Aj8CcQJZseSw96WI0RlJBMjMxMDUwNDE4MDMzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 187ms
109ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9342365088706924&plah=www.zdrave.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4987b8844e3d429aeab480c31e284cf1d440ec6392d284488876e461d2f505e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119171
x-xss-protection: 0
server: cafe
etag: 9163130177180404329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Dec 2022 14:41:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 6027 10 KB
5 KB 139ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:50:36 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 08:50:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1859235-1&cid=1615215912.1670251283&jid=317447569&gjid=235503163&_gid=1360002131.1670251283&_u=IEBAAAAAAAAAACAAI~&z=1251902636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 14:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zdrave.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.clarity.ms/ 0
164 B 318ms
115ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://www.zdrave.net
date: Mon, 05 Dec 2022 14:41:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 150ms
62ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1859235-1&cid=1615215912.1670251283&jid=317447569&_u=IEBAAAAAAAAAACAAI~&z=5038474

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:41:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 142ms
62ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1859235-1&cid=1615215912.1670251283&jid=317447569&_u=IEBAAAAAAAAAACAAI~&z=5038474

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:41:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 341ms
282ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://www.zdrave.net
date: Mon, 05 Dec 2022 14:41:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 145ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zdrave.net&callback=_gfp_s_&client=ca-pub-9342365088706924&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9342365088706924&plah=www.zdrave.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b57e4f1131682963eb683c5627440a07daeebf0157a572eb6a4471549c0a1ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdrave.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdrave.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B029 0
19 B 917ms
833ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&adk=1812271804&adf=3025194257&lmt=1670251284&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283570&bpp=4&bdt=555&idt=346&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6136536367740&frm=20&pv=2&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=396

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:24 GMT
expires: Mon, 05 Dec 2022 14:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5657 91 KB
32 KB 864ms
815ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1670251284&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283574&bpp=1&bdt=559&idt=419&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lDp4wG7EUo&p=https%3A//www.zdrave.net&dtd=433

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98ab36271a2e758aab84b33632d15c46e5d114243336cadb38f38d354f62ab28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:24 GMT
expires: Mon, 05 Dec 2022 14:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F1B 116 KB
42 KB 635ms
604ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1670251284&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283575&bpp=1&bdt=559&idt=443&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rrZoBM5zRu&p=https%3A//www.zdrave.net&dtd=449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad489d6d74f212aa8eee95aaa7d99d6419ac5e1188ad74fd31a90c774b315834

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COX55PPa4vsCFVgjBgAdco8NXA&gqi=FAOOY-O2BMHFbpOyg4AJ&layout=/sadbundle/%24csp%253Der3%24/12826094258187981279/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42943
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COX55PPa4vsCFVgjBgAdco8NXA&gqi=FAOOY-O2BMHFbpOyg4AJ&layout=/sadbundle/%24csp%253Der3%24/12826094258187981279/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:24 GMT
expires: Mon, 05 Dec 2022 14:41:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/ Frame 6CBC 37 KB
7 KB 134ms
50ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1670251284&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283575&bpp=1&bdt=559&idt=443&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rrZoBM5zRu&p=https%3A//www.zdrave.net&dtd=449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1811b60ec4b47c7a5a781f0a6986d517e86caa966e54a5f1b413ccb54699a3db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 233129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5324
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 21:55:55 GMT
expires: Sat, 02 Dec 2023 21:55:55 GMT
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F1B 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6_-TFAOOY-WfBdjGmLAP8p624AXhjM7hbZXBudrwEMSOle6POBABIJDjsUlgleKQgqAHoAG-48exKMgBCakCK_61kuP6qD6oAwHIA0iqBOcDT9Cgw9YUDhK2HgouCqGiZ4jIikg73c3ZXQv2chg1Zc9HsWs4bdbvqUzROjjGO-TUVIsP93EkEU5nPZuXmnaL440v7_klWXILO0vN-CMQQvRyIN4CqfzNW7-NmmiC3IlgLufyFR2kKIr8BFzc7v8ZwWQEkwCO3gBgYOGSqzjmpvx2-Vg7eJEXynD9MB_BtDQhMFeaQ9cdC3JL7qJzDcjaMGC5Pvsu9JcRAmaAw3_Up-YRJdC6Uz_4rpBwup7XTiSLXDnJ2e2D8tvir_WyuJQ4W09p-V2ymvQhnKFJl1ghXGe8XMvt2ZHkAUeoZGejjtpDhdku4pHTh-6DIjkU-geUoeGFa4_zgwtGByF0czQolU_1gQDyvjNyQCMjomBhqwIf0PQr3zlz8CP3GY61xzi5ilKnaWUOIcNvQY1e9gJHRkNzYdB-dRuN0lpJ6dNBTsWLQOb_5I9KaCbBoe1guM6h1XJgj2F2GU1UgbqqNYapiKVy_JR80uncGg0_H8ZgLhaxdWr98xCOjDnV5-48szxi9nuBvMNL3CEodndo7p7M_E3vHEqZHVJLHETPQUZsKQgURxoN2dX34qPgUS_PKiw_xY7dBDeVi6109eGaghSWsfbIvzvfZcgSH_ewdVUQRO7kakWowqKtlcAEutS5w4YEkgUECAQYAZIFBAgFGASgBi6AB76bmJEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3sIQ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItOTM0MjM2NTA4ODcwNjkyNBgA&sigh=xOPE1Qo_XgQ&uach_m=[UACH]&cid=CAQSGwDq26N9AmLNLuVwVSOBwtvuHM_rcNiFJcTO7xgBIBM&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1670251284&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283575&bpp=1&bdt=559&idt=443&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rrZoBM5zRu&p=https%3A//www.zdrave.net&dtd=449
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:41:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 05 Dec 2022 14:41:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8F1B 23 KB
10 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8F1B 3 KB
1 KB 127ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:41:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8F1B 18 KB
7 KB 121ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F1B 155 KB
48 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:41:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B98C 143 B
166 B 45ms
43ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=280&slotname=8447686695&adk=261382394&adf=1233009936&pi=t.ma~as.8447686695&w=336&lmt=1670251284&format=336x280&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283575&bpp=1&bdt=559&idt=443&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=3438&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=rrZoBM5zRu&p=https%3A//www.zdrave.net&dtd=449
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2699
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6CBC 6 KB
3 KB 113ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6CBC 34 KB
13 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 09:40:58 GMT

GET
H3 200 9aeba36c5bbfae51573fc702efa43098.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/ Frame 6CBC 104 KB
30 KB 139ms
62ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/9aeba36c5bbfae51573fc702efa43098.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

000468e5aa11503b6f792310504e96a9924cdf4b0a54893475b29d2e4d37aafc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 09:38:33 GMT
age: 277371
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30220
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 09:38:33 GMT

GET
DATA 200
OK truncated
/ Frame 8F1B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc36d8fc6122268599533d30249c2d44e97f3f62e74a55c848c4d97c4fbf168

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 5657 4 KB
621 B 121ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1670251284&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283574&bpp=1&bdt=559&idt=419&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lDp4wG7EUo&p=https%3A//www.zdrave.net&dtd=433

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:21:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:41:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5657 2 KB
765 B 126ms
85ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5657 23 KB
9 KB 94ms
53ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5657 3 KB
1 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:41:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5657 18 KB
7 KB 88ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5657 155 KB
47 KB 130ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:41:24 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 5657 34 KB
14 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5657 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtQi2FAOOY9ODBcrh1gak2oTIC8a-zd1tmJSLqJoRqorWlIcXEAEgkOOxSWCV4pCCoAegAcP72PADyAEJqQLHLe-sL7WxPqgDAcgDywSqBOUDT9BO3t5nL-ELyWMC8U5Ro8iz8jCvUXCO4ytsdyE5uHETT8ATtM1B3GTo-wI6R_G5HmaDog6Zqt59ThEdzhVVbKm6jhDQgqO-KYhlMe3LRIUf2UifKvPFj9pXvWxXEa6FMXY5yt2vKs9HNd_O0gk2n4OjQXGf74-0XMNcAcXupYodB_v_JSGnuj4OuvwuXT1lMALcUc_qABh9_vA7KXYtfaOdTERgNOtL9bbdHxxDWzJKiTeqNZH37FfwC4R7Cg8Eb_66relXgOHqY5oe0c2CPuk88gZNJr8BLEEhPGX_BPCI40qOm_hMuHm9zJFcebgoI7Fj7shiUxbS2UC_lff8oG6LnHCLjmpfdUN_5XoYq7JzLEfjx8XKNAfZElszU1YQBX-tp6ycAEs5V54PFTxbj93RfAu3zrQwEc8nou4A7lwjt0DsRbWCALoH9xBmoS92Qu6MEscuj0BsjfNU7WMU0B8m132d_Wm8YzVrZgy6bczqJ5apPErCaDBWWxWyWWKAGkovR5L2RPIQkem0uEYQ_XF_16wnlLLegzsPQF5_d8qeqDcQ8l3xlT7IS0Xwjzcs_XG8cNME5rfO82HKA1d7urDm4dwnuSwe0doYmwuJDLwVs369aalsd2QXI6JPOiDFo2rLPNHABMCkjPyxBJIFBAgEGAGSBQQIBRgEoAYugAelhKcPqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ3ZET0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTkzNDIzNjUwODg3MDY5MjQYAA&sigh=-3zbfzSwOtc&uach_m=[UACH]&cid=CAQSGwDq26N92ytmDTRWvvhT7-UTrf7OQ_8z1uUbaRgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9342365088706924&output=html&h=90&slotname=4277830557&adk=621980329&adf=921206747&pi=t.ma~as.4277830557&w=728&lmt=1670251284&format=728x90&url=https%3A%2F%2Fwww.zdrave.net%2F%25D0%259D%25D0%25BE%25D0%25B2%25D0%25B8%25D0%25BD%25D0%25B8%2F90--%25D0%25BE%25D1%2582--%25D0%25BB%25D0%25B5%25D0%25BA%25D0%25B0%25D1%2580%25D0%25B8%25D1%2582%25D0%25B5%2C-%25D0%25BD%25D0%25B0-%25D0%25BA%25D0%25BE%25D0%25B8%25D1%2582%25D0%25BE-%25D0%25B2%25D1%258F%25D1%2580%25D0%25B2%25D0%25B0%25D0%25BC%25D0%25B5---%25D0%2594%25D0%25B0-%25D1%2581%25D0%25B5-%25D0%25B2%25D1%258A%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25B0%25D1%2582-%25D0%2594%25D0%25A1%25D0%2593%2C-%25D0%25BD%25D0%25BE-%25D0%25BD%25D0%25B5-%25D0%25B2%25D0%25B5%25D0%25B4%25D0%25BD%25D0%25B0%25D0%25B3%25D0%25B0%2C-%25D0%25B0-%25D0%25BF%25D0%25BE%25D1%2581%25D1%2582%25D0%25B5%25D0%25BF%25D0%25B5%25D0%25BD%25D0%25BD%25D0%25BE%2Fn23571&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670251283574&bpp=1&bdt=559&idt=419&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6136536367740&frm=20&pv=1&ga_vid=1615215912.1670251283&ga_sid=1670251284&ga_hid=22862176&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=670&ady=45&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=1762430558328551&tmod=1358881243&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=lDp4wG7EUo&p=https%3A//www.zdrave.net&dtd=433
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 05 Dec 2022 14:41:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/5127583602654496563/ Frame 5657 63 KB
63 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5127583602654496563/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9539bcac18bb3df4140dc408af377b5a69f2828f60ba3563f93967d3f2d2d189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:21:08 GMT
x-content-type-options: nosniff
age: 246016
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64691
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 15:49:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 18:21:08 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8537207053503751022/ Frame 5657 2 KB
2 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8537207053503751022/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32cb5244dcc1dae88e7230eeaa535354337c5ac45b8e2fb27b95f3c8ee2544c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:54:47 GMT
x-content-type-options: nosniff
age: 269197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2410
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 14:29:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 11:54:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B98C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:25 GMT
expires: Mon, 05 Dec 2022 14:41:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5657 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d12854992e7ff1377a6a8feed7bf7f177daf3a16debc32d882232b306d3934a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6CBC 5 KB
657 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/9aeba36c5bbfae51573fc702efa43098.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 14:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 14:41:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Dec 2022 14:41:25 GMT

GET
H3 200 1a6de99c579a6d1d44097e051b40289a.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/ Frame 6CBC 13 KB
13 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/1a6de99c579a6d1d44097e051b40289a.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df83f564ac98893b1bf74c786184573e4cec96173e8d21df59ec470bd87e77e2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Dec 2022 08:03:00 GMT
x-content-type-options: nosniff
age: 196705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12996
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 08:03:00 GMT

GET
H3 200 cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/ Frame 6CBC 349 B
288 B 40ms
39ms Image
image/svg+xml 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/cd2696fd4b4633d9b42115314ccf4590.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 17:46:16 GMT
age: 248109
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 17:46:16 GMT

GET
H3 200 a189493c552b4bcea97008fdbcf85262.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/ Frame 6CBC 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/a189493c552b4bcea97008fdbcf85262.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e0911afbac2ecfc9b9dade892932f29d4e1b911007bf023301382bea7f2e787

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 28 Nov 2022 15:35:22 GMT
x-content-type-options: nosniff
age: 601563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1996
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Nov 2023 15:35:22 GMT

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 6CBC 45 KB
45 KB 137ms
64ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 318951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:05:34 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6CBC 16 KB
16 KB 107ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 355305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 11:59:40 GMT

GET
H3 200 02c3e55aedbcdfe4097feec8ad757306.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/ Frame 6CBC 18 KB
18 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/media/02c3e55aedbcdfe4097feec8ad757306.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12826094258187981279/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b176f1e5927a2196a5cdde598579e61794e23246ca383835c09fe42573cf37c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Dec 2022 08:03:00 GMT
x-content-type-options: nosniff
age: 196705
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18107
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 15:17:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 08:03:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5657 15 KB
16 KB 112ms
52ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 597393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5657 15 KB
15 KB 98ms
39ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 327550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 287F 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 09:30:51 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 3B03
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f99f520b1585c%26domain%3Dwww.zdrave.net%26is...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fver...

0
0

118ms
106ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2f99f520b1585c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ffdeec2a5af2228%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/bg_BG/sdk.js?hash=fd0c190987d99bb9645e5dfbd1511dbe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 05 Dec 2022 14:41:25 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: njrN4QNY/z6prIpplWtCCnmukk3Z30f8zEMHzcHsGAOQCcYSMw7mYzotC5cWt0pSy7rs7c1JULOyCJnKEdy3YQ==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 05 Dec 2022 14:41:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v9.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2f99f520b1585c%2526domain%253Dwww.zdrave.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.zdrave.net%25252Ffdeec2a5af2228%2526relation%253Dparent.parent%26container_width%3D0%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FZdravenet-102162099889218%252F%253Ffref%253Dts%26locale%3Dbg_BG%26sdk%3Djoey%26show_facepile%3Dfalse%26show_posts%3Dfalse%26width%3D300
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: 2hwyQAWqVXXz3E3ewoS5z2bWfrldTUOTMV+W1r8ZsJaKDsy01QDQibZozqITF4B1lC4r19BuQHnqAlEXb0Hepw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 171ms
88ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7acb9ed924e30fc154804d21ed7ef7197925ab0bbc27e9ab74b1792ee4a42806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11161
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CBC 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 09:30:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:41:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D84 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 13:29:43 GMT
expires: Tue, 05 Dec 2023 13:29:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0739 783 B
537 B 50ms
49ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3210319d2455648e2e22cd690fb35c559c5603e5fa4737e94aaa359c6d553751

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-35rQxsV4bzf7zGBSTJW3jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdrave.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-35rQxsV4bzf7zGBSTJW3jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 14:41:25 GMT
expires: Mon, 05 Dec 2022 14:41:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D84 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 09:30:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0739 0
0 181ms
181ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1762430558328551&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D84 0
12 B 36ms
36ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HzQzXQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 14:41:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 94ms
94ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://www.zdrave.net
date: Mon, 05 Dec 2022 14:41:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5657 42 B
64 B 184ms
184ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssS1hQswJ5nF_FvalNNKilSobVWto7gucs54i31vwMBZXl0oDDbm4kcQfGGkIFWUjjRc4PzZBIc4Jh39YiTHlNeHwoq43aKYKRtvN_Tii__zhYtaYdJqFTjA4Tj0GdN-N-djbjk7w&sai=AMfl-YTlfW3JTKwOvSeoIzRlXgwzmb4CIbPz3477tPNWnAN7mPvZ53fSoNbxteB5z28bNajNefkvWWFGaTLEBJ0&sig=Cg0ArKJSzHDHNTV0RI_nEAE&cid=CAQSGwDq26N92ytmDTRWvvhT7-UTrf7OQ_8z1uUbaRgBIBM&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=621980329&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670251284009&rpt=1246&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 14:41:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 188ms
188ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1762430558328551&bg=!jo2ljcnNAAbvMpMzzzI7ACkAdvg8WicOpt7bZv28NGHv8vXbpKJtqKI36F6KcOPavIYjQOnCsEji3AIAAABiUgAAAARoAQeZAqhdT3nB7m5_2oqSH6P2T2dwUf2rM_RTJXiuBaJa_vku5j3-_63ylk60XKOFicfOkniMmocqvo2FuUNyh2bAOhy5pHkOYjFznZPR_63-YpTFy7xrPjz852InIFMuKjks_cNIsVKtGlaMhHGVkA8jsh9lGj5jr_iRedrWMv_bZ0hNLIuNcVWPPZkbrU92xSg9r5gUrWx2mQmL6AEyXlN2XrHl1DJqigIvUr80iVyvhw4hY0ImVbKh38KTR5KAfPB_Yzgixmg0DIEvIAvFVmlQ61UUz6Vdp-I-rN7sui1xxGO9TfZmG8bBhH_Pdb9zCwYYuBNonhzvfFfmtoEUUAt1rUV5zYQpiNGNvgsJYq_xvfBPe0Vph0fuFZ11Hzy2s-h7I8u_yaa_6kmoW21To06zkyWrcBBSD2RWLyN3dpO540jA3Gv2XrlffPFPdIUSxNmceFmY0IZYk1SQDnqETUNzovdcnXVe3dXVneokB8AQMuQuJAzWs07w67heYK4YvXbJyAoT8Il1PvipwO4VrsjFEllydVOGg98OpYaP2sDJeuhEzyV5BgY5Pce7o9G-orSAsGQFvlk-YtrVlKuMx9Kusn34flvWWIswjSIEENmIi0F1i97PpRBXM4DRDzblPySQesZa9L2XBNS1vMeuX9veBPxIaGMt38m4g5xksCwIE2FxxGLte6p7uI11QJP3aimSUFLnONbNE-Ev2BHKd2ZArNm76QArTbEOEjS0Pwevgm96bngwPE2Tz7zq7Li7vdOXR_MzjsGZFL5VE0y7urp5afVlI1DUWX6IDwqrd_djGx159hZood9JktxBzoRdXfXex_AqmIPmUA9rkXXHs-ZwnvAhZYJLBOGXyLPz_guSGDci2ESvKIr0rPzXYPfTHGes4w-YfUFiCLeSUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zdrave.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

POST
H2 204 collect Show response
a.clarity.ms/ 0
48 B 105ms
104ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-d/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.zdrave.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://www.zdrave.net
date: Mon, 05 Dec 2022 14:41:29 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.zdrave.net/	1969-12-31 23:59:59	Name: zdrave.net Value: 35fmv41r60j48kornefubeprf7
.zdrave.net/	1970-01-20 17:33:31	Name: _ga Value: GA1.2.1615215912.1670251283
.zdrave.net/	1970-01-20 07:58:57	Name: _gid Value: GA1.2.1360002131.1670251283
.zdrave.net/	1970-01-20 07:57:31	Name: _gat Value: 1
.zdrave.net/	1970-01-20 17:19:07	Name: __gads Value: ID=49875047efc1cee4-223f1a144ed80002:T=1670251284:RT=1670251284:S=ALNI_MZ58Bs19UKH16QiG8mzaefLfyrEsQ
.zdrave.net/	1970-01-20 17:19:07	Name: __gpi Value: UID=00000b8dc5ef62ab:T=1670251284:RT=1670251284:S=ALNI_MbWJMMUljUyfh_JustxrLhayX8fYw
.doubleclick.net/	1970-01-20 17:19:07	Name: IDE Value: AHWqTUkwP58N9991awxEmH1QsnYGviOiToSloT9bUXo44bqgPa-3BlS3qIFUYOQN5qQ
.doubleclick.net/	1970-01-20 07:57:32	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 07:57:34	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
adservice.google.com
adservice.google.de
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.zdrave.net
zdrave.net
104.45.184.134
193.107.36.30
2606:4700::6812:acf
2620:1ec:49::44
2a00:1450:4001:806::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
000468e5aa11503b6f792310504e96a9924cdf4b0a54893475b29d2e4d37aafc
04b75c37a7d5b3be61e313fd0dc248329785547e15283a83ffbbb9886c0aac44
07a168823a66228242f1c214eee0ad58395acbd1eacc5fa5ae1e3e9816a22961
0878b7a70b07f41f8dffb16561bb8a07da29a2e21c353e30de2141cd90c298f5
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09f87e0fec746de870049d9fc6ff4e4edf1126968dce6fd0ca8892f7af2705c7
0aecfb25b75ea853c7bdd9f2ae4620cc1f8f63942127014ff31f28564e006ecf
0e0911afbac2ecfc9b9dade892932f29d4e1b911007bf023301382bea7f2e787
1309ddeec5bde7ef3550f4e95bd348d46211e52a3a62a2ad77fcf935f98dda0a
1369787835af869aff7b52ee93d7a13b1f92b3492e9a1f0bf03e32c41d5780e2
17eaee734a775f1f235ed9bd7776afdf4c75ca2bf4e39ace0edccb7a2a963bfb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1811b60ec4b47c7a5a781f0a6986d517e86caa966e54a5f1b413ccb54699a3db
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
27c1eca2afe6e04c1b1dbf67f7737b1433f73abf5fd4218077cecf29ae81cc6f
28410b7bcdf8824fa405fe091d2f401c5b71e36ee5e431dc6a944cc22464de0c
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3210319d2455648e2e22cd690fb35c559c5603e5fa4737e94aaa359c6d553751
32cb5244dcc1dae88e7230eeaa535354337c5ac45b8e2fb27b95f3c8ee2544c7
396b648d43188cce8b04129d6084ef3581feecde5d7248f6b15621947d57c2f6
3a685bfca7b3da8b42fddd6f480ab33dc0ac3287d3bd7d08b96626140ad65223
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
40c8491dd8d25e206d281e7d8bec063037caef34d452809d1ddc08d0e6988eef
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
4480d5f8426748ec2e1d1e62daf66a66217223a23fbccd0415d966b12c524c01
46d5ada7d42ccd1d918e9097eb2e58f0fbb8d7ebf230bff43fee1946c669fde7
498288a8a7c75ee136fca9a5f1e6d2b5c451db4591d91418abfc16d2cfb67724
4987b8844e3d429aeab480c31e284cf1d440ec6392d284488876e461d2f505e4
4b176f1e5927a2196a5cdde598579e61794e23246ca383835c09fe42573cf37c
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599411752c0cbc0680d552dce5faeda913b91f9e4879eed770533c30395a0ca7
5a5da5d4b4efc7e40e1165624e027145a6c38a0052e0b673fdcb8fc91951a3e0
5ab8a6d729d40258c07b55b51f4ee107727ac32c83f2475f875ad48cd0dcee9e
5ba9ff8e083888645d374b506836d0d7824b45e7e77a16ed08c7c63c81141917
5d12854992e7ff1377a6a8feed7bf7f177daf3a16debc32d882232b306d3934a
5f298c5f7b81a280b862dbf20a96c7bc4a5956bb3681180b27a505895da08291
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6847fba5c78232ebd70ccc160948b4290b21425ca15970e4fab8cd7b17148c73
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7157d841ee10fef56904efe3f0188bcc891d408708fb82bc637a53f5f8a0aaf9
729d6b9a58b6c92007ccbd682ae0de886462e54c4966d4189f3f746214404198
733714607acfa84239ae2242f87f105f82ca50b77ad89ab5063f6280bbae1d47
749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a
776caf23f2dd61692e8bf8ec85e98407dcdf172758472b2166b12e659853e098
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7acb9ed924e30fc154804d21ed7ef7197925ab0bbc27e9ab74b1792ee4a42806
84b871d5eb4a2dcc2a79dcddc492dfda7e095066914ef8e7fd481c2a31ffa9c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
892f858e2c9479b6a3d53f9e66d02ab26cb2766e95205af3309166a6a7417830
8bbaf59d66080803e89d5759a5f0cffb3bb1d9b9569986a1bcc1285e0682fd84
94fa68fdd95ac855f8507740b330a861a3bce4c06427da75ad5853bb01e704ab
9539bcac18bb3df4140dc408af377b5a69f2828f60ba3563f93967d3f2d2d189
98ab36271a2e758aab84b33632d15c46e5d114243336cadb38f38d354f62ab28
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2f9715182c9ec076818f9f7c3291f1d03da74d0edf4a12f7c69d62fa65481dc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52e781c2a4db6781cc86beebc89d121a183b8a48dac796eca08de3b4c0b3260
a5a177c215b89cccf0a6dc99c27e896853a287f0e822ff64682fe36a8e16d405
acc36d8fc6122268599533d30249c2d44e97f3f62e74a55c848c4d97c4fbf168
ad2d3eda55065150c5f357e5f97eee07ad613fe71a581d4f91cb76227a6942da
ad489d6d74f212aa8eee95aaa7d99d6419ac5e1188ad74fd31a90c774b315834
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57e4f1131682963eb683c5627440a07daeebf0157a572eb6a4471549c0a1ab8
b86d7688284b356fc73bf814453d2e5f81c3e42403967512a7b51516bb436892
c318714f0ec6a40faa4c30ae5c6beb71661d82568f18565219bfb1550224462f
c32886a5d00d2b4761daaa1cabb05eb082e41eb34943699ea64da7b27a8518a4
c3ddaa5eecec0e0081656dd442d14e03fcd302b4400d8b8af9e62d25b27a68b7
c406a9b6bbf5c1d7a070ca7d6d7c579cb57bacfd8b47c30f9598de88833937bd
c6b16c1f0ed9249a4c2c2da6b7ebc2e25aef5998ddb8b311e312a9cfe20247b4
cbd23f377c6e6dec469785ffea8856431946fba633d036289af3b96c0ef8377c
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
ceeb80cc9eaff5f737aa00110c4121e4ba6374db55ffd8bb227e56d01b3d6b94
d3a7933ceea5975f066f9787abf8b060585444d1cb6bf8d8d6993e8421cbe405
d7e56e7336c292a43f7630b098dcb604c4f9a9d6ad26bbb75fe3687797908692
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
df83f564ac98893b1bf74c786184573e4cec96173e8d21df59ec470bd87e77e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6776a7594a2024babdfe16f8085fb1b252f1abee124c62649765fb362aaa7d0
e922c29650768eee04e952c7b49e2c80d181ae7d4c00044a18191936093cfd6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3de54ac1bd96d0aa3367f12fc533cc8afc9f84f36ea4e821bee98daac0308cf
f449d1503fabfc8367b7e1698ae3d62c4a5b4c1cd88fe05d0b00881d6fcbb0c8
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e6967c12c98373a9bf1252d3491517032f8cfd9cd203885eb274df35180f1f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fe33791d0ed4232d5f276eb5d3ee5b844128c79cd09722b338e43abed2695b26
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff49ef60cf91b017a1b745c0fd09acce50a695fd20aa0f27a3a60f274c19ad41

www.zdrave.net Open in urlscan Pro 193.107.36.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

99 %HTTPS

90 %IPv6

14 Domains

21 Subdomains

21 IPs

4 Countries

1802 kBTransfer

3370 kBSize

9 Cookies

19 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdrave.net Open in urlscan Pro
193.107.36.30 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

99 %
HTTPS

90 %
IPv6

14
Domains

21
Subdomains

21
IPs

4
Countries

1802 kB
Transfer

3370 kB
Size

9
Cookies

119 HTTP transactions
2 data transactions