urlscan.io logo urlscan.io
SecurityTrails logo

zdrave.to Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Submission: On August 30 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 8 domains to perform 70 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is zdrave.to.
TLS certificate: Issued by WE1 on August 21st 2024. Valid for: 3 months.
This is the only time zdrave.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 188.114.97.3 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
19 142.250.185.98 15169 (GOOGLE)
1 104.19.229.21 13335 (CLOUDFLAR...)
2 4 146.59.21.26 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
2 6 146.59.28.220 16276 (OVH)
3 78.128.6.42 31083 (TELEPOINT)
1 104.19.230.21 13335 (CLOUDFLAR...)
1 146.59.30.104 16276 (OVH)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
70 14
22    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
zdrave.to
5    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
19    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    104.19.229.21 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hcaptcha.com
4    146.59.21.26 (France)

ASN16276 (OVH, FR)
PTR: ip26.ip-146-59-21.eu
blitzbg.adocean.pl
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    146.59.28.220 (France)

ASN16276 (OVH, FR)
PTR: ip220.ip-146-59-28.eu
blitzadbg.hit.gemius.pl
3    78.128.6.42 (Bulgaria)

ASN31083 (TELEPOINT, BG)
PTR: ip-6-42.telehouse.bg
gabg.hit.gemius.pl
1    104.19.230.21 (None, )

ASN13335 (CLOUDFLARENET, US)
newassets.hcaptcha.com
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ep1.adtrafficquality.google
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
22 zdrave.to
zdrave.to
549 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
334 KB
10 gemius.pl
blitzadbg.hit.gemius.pl — Cisco Umbrella Rank: 986456
gabg.hit.gemius.pl — Cisco Umbrella Rank: 225578
ls.hit.gemius.pl — Cisco Umbrella Rank: 24682
25 KB
8 gstatic.com
fonts.gstatic.com
177 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
4 KB
4 adocean.pl
blitzbg.adocean.pl
33 KB
2 adtrafficquality.google
ep1.adtrafficquality.google
ep2.adtrafficquality.google
19 KB
2 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 11084
newassets.hcaptcha.com — Cisco Umbrella Rank: 8953
52 KB
70 8
Domain Requested by
22 zdrave.to zdrave.to
19 pagead2.googlesyndication.com zdrave.to
pagead2.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
6 blitzadbg.hit.gemius.pl 2 redirects blitzbg.adocean.pl
5 fonts.googleapis.com zdrave.to
pagead2.googlesyndication.com
4 blitzbg.adocean.pl 2 redirects zdrave.to
3 gabg.hit.gemius.pl zdrave.to
gabg.hit.gemius.pl
1 tpc.googlesyndication.com ep2.adtrafficquality.google
1 ep2.adtrafficquality.google pagead2.googlesyndication.com
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 ls.hit.gemius.pl gabg.hit.gemius.pl
1 newassets.hcaptcha.com js.hcaptcha.com
1 js.hcaptcha.com zdrave.to
70 13
Subject Issuer Validity Valid
zdrave.to
WE1		 2024-08-21 -
2024-11-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
hcaptcha.com
WE1		 2024-07-10 -
2024-10-08		 3 months crt.sh
*.adocean.pl
Sectigo ECC Domain Validation Secure Server CA		 2024-01-29 -
2025-02-06		 a year crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2023-09-14 -
2024-09-25		 a year crt.sh
adtrafficquality.google
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Frame ID: 6C7ADD7638D7B42C6FA585165258B904
Requests: 59 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 08353BC4CDB76AF918958FCCF7B5166F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Frame ID: 324E42BA3CAE60C1FD229ED5A62702D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1725012396&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_r&format=0x0&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395768&bpp=7&bdt=1829&idt=550&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5098570804216&frm=20&pv=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=639
Frame ID: 0864C74EB45CDEE9435BCE7E28FACE73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=7965809726&adk=2755862428&adf=2512173744&pi=t.ma~as.7965809726&w=970&abgtt=5&lmt=1725012396&format=970x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395775&bpp=2&bdt=1836&idt=681&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=693
Frame ID: D173BD9BAC64E64E76BF016EEC8F2C1E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=7960946853&adk=681899983&adf=9006241&pi=t.ma~as.7960946853&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395777&bpp=1&bdt=1838&idt=723&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=731
Frame ID: 28585DD40759A96A620D31B2E9CFB887
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=1914413254&adk=3572525808&adf=1582542652&pi=t.ma~as.1914413254&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395778&bpp=1&bdt=1839&idt=747&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=768&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=752
Frame ID: 8595D5A425285E9F78DBAF053B5B6139
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=9140435884&adk=2316966183&adf=3725143025&pi=t.ma~as.9140435884&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395778&bpp=1&bdt=1839&idt=776&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&fsb=1&dtd=781
Frame ID: 6F8FD09A0149C5E7B4A826C8949D2369
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=9522853658&adk=4102823793&adf=2748429769&pi=t.ma~as.9522853658&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395779&bpp=1&bdt=1840&idt=794&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=798
Frame ID: 11C873CA77B6BF903B3F7F531DBF8BC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2BF6E0445921284100A66943868CFE2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=280&adk=2580254993&adf=232497138&w=886&abgtt=5&fwrn=4&fwrnh=100&lmt=1725012397&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8180877581&ad_type=text_image&format=886x280&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&fwr=0&pra=3&rh=200&rw=886&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012397964&bpp=4&bdt=4025&idt=5&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Db6451a763d526222%3AT%3D1725012396%3ART%3D1725012396%3AS%3DAA-AfjaJ-b1Eyh0n5_0MdfQ8nHD6&prev_fmts=0x0%2C970x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=247&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1408&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=20
Frame ID: 019B4A8A09E9399A342CF8FB472B734D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Frame ID: 2E1EE5D1075106B918CEB817B5166562
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Frame ID: 7F78AEDFAD4492C8235C95EA204BBAEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Това е най-опасната закуска за стомаха на възрастните хора - Здравни новини

Detected technologies

Overall confidence: 100%
Detected patterns
  • adocean\.pl/files/js/ado\.js
  • adocean\.pl
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

70
Requests

97 %
HTTPS

31 %
IPv6

8
Domains

13
Subdomains

14
IPs

6
Countries

1189 kB
Transfer

2717 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://blitzbg.adocean.pl/_1725012395017/ad.js?id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D HTTP 301
  • https://blitzbg.adocean.pl/__/_1725012395017/ad.js?id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D HTTP 301
  • https://blitzadbg.hit.gemius.pl/redataredir?url=https%3A%2F%2Fblitzbg.adocean.pl%2F___%2F_1725012395%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3Dn87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7%2Fadov%3D4.6.5%2Fx%3D1600%2Fy%3D1200%2Fadult%3D0%2Faid%3D59800%2Fcat%3D1%2Flptype%3D1%2Finner%3D_ch_mobile%253D0%257C_ch_brands%253D HTTP 301
  • https://blitzadbg.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fblitzbg.adocean.pl%2F___%2F_1725012395%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3Dn87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7%2Fadov%3D4.6.5%2Fx%3D1600%2Fy%3D1200%2Fadult%3D0%2Faid%3D59800%2Fcat%3D1%2Flptype%3D1%2Finner%3D_ch_mobile%253D0%257C_ch_brands%253D HTTP 301
  • https://blitzbg.adocean.pl/___/_1725012395/ad.js?hclsdata=&hcudata=KZcco2HLYOfdcjLqjwXsRqYGpEdPw_jdSlM3oHxPfjP.37&id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora
zdrave.to/zdravni-novini/ 		123 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14aeaf76dc17c06dd162cc3559f092ec680882806cb74af8c212d5c7515569e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8bb3f804ae9666a3-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 10:06:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbcTqan9RdLHwjbhsBt4kZCLVetxrDsNo9tcYCp9deBJW0%2Bc6UlwBa1KO8kobNr0tLZn4Ea2NwsNpJx%2BUPdpYw%2BSLlhanHKRA4vyMQ4CJG2l4LJARqs%2FprEXvKk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-server
fe1
css2
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20e6b2e7a206dbd04ee91d935b2e4fbb0a286074c78a72896f9ce5306b742f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 09:59:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 10:06:34 GMT
all.css
zdrave.to/assets/zdrave.to/css/ 		366 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b23da48d3279c949bfaf42c1b2a2d3383e0af32bcb50f6a1c4eaba7a25cabc5

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4861
cf-polished
origSize=388656
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Aug 2024 14:14:42 GMT
server
cloudflare
etag
W/"66bb6a52-5ee30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FaCgWyI5xI4HagP4vQ1onTgOTgndgimKHda6OcIQrSO5gCBAMBJL6gt6XhscEQ33NQL3arBgD%2B9cT3w8dFDiYXpuJRbOzDk%2BBcDC7jLtyMAER%2FmPFrti9OWtR1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
x-server
fe1
cf-ray
8bb3f806388766a3-AMS
logo.png
zdrave.to/assets/zdrave.to/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/logo.png?timer=1722005722
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c0f7a22dcc0eab34715cbbe794c28b03cf6c4d19aa1132894137be06be23bf

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4861
alt-svc
h3=":443"; ma=86400
content-length
14408
last-modified
Fri, 26 Jul 2024 14:55:31 GMT
server
cloudflare
etag
"66a3b8e3-3848"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqFUVIgqsANlx%2BcTeAiW%2F39NMbNWfq%2FTJutydlEPaX%2FBZE5Myz%2FA4w27unWjKMXbFBDXpkjGMlIPNEonAy58BsTz7LSr1wUOZYGyFwEAVg7fi6jom13gDPLdAJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f806388e66a3-AMS
logo-white.png
zdrave.to/assets/zdrave.to/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/logo-white.png?timer=1722005722
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec41eca235b085be2db09f9a17d7eb719522961f277e76b726f0d4b7d5f01db

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4861
alt-svc
h3=":443"; ma=86400
content-length
9322
last-modified
Fri, 26 Jul 2024 14:55:22 GMT
server
cloudflare
etag
"66a3b8da-246a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKHSz0fpaqkGqxFFcqnZsgrx1u0CAXZ5wysjV%2FpmOP8YWOjsQ%2BuBblKi2AmaQYwK4ngP38QAM5xRHZPgvYHpJTv3wpDX6klivVnRoZQXjqYtzk%2BDdVcj5%2BabGaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f806389966a3-AMS
960x540.jpg
zdrave.to/media/3/2023/11/09/151977/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2023/11/09/151977/960x540.jpg?timer=1721090879
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb868d01f8ee377df8a4d551dcff2bf54bec162a8da003bc1f59779984f83e8

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 16 Jul 2024 00:47:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6695c33f-fa65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLDfsWXwHUuiHaqGmBnxXz9RK25pe1%2BihDu9VfHD%2BddEj6jf5gXPt2TAPep61BA1mz%2F3USoO9TcDJUR4mIhKkrXp1%2BjA0oiMKoRznJTRL7kPSsvqgoEIb6Zkbmw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f80668cd66a3-AMS
alt-svc
h3=":443"; ma=86400
content-length
64101
rocket-loader.min.js
zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2024 19:10:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66ce24be-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFbiYUfa5VsGcYr5a8oolNtjJO4Lvs%2BIdWbPxxFMOL248%2FoIPfVv1GhTpEdfSIhiHVNFWM%2Br2A82Q8XCcjw7RZxTvAgPvS49rkL7THlWu5nf9NwiufiX5GGGcdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8bb3f806995166a3-AMS
expires
Sun, 01 Sep 2024 10:06:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: zdrave.to
URL: https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
500b10564f2385731f7169b1ab56326035f3e72b774616cc84e5e84dc15f137f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52307
x-xss-protection
0
server
cafe
etag
5458840997042201613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 30 Aug 2024 10:06:34 GMT
api.js
js.hcaptcha.com/1/ 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js?hl=bg
Requested by
Host: zdrave.to
URL: https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.229.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e6ed7d7d3dd6da61545f4fd2f94e8d524f68cbd5de09addd7267aa3a9c6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
48033
server
cloudflare
etag
"4fc983012fe5adeceb251630c5b27c6a"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
cf-ray
8bb3f807a8189f81-AMS
all.js
zdrave.to/assets/general/js/ 		282 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/general/js/all.js?timer=1723558482
Requested by
Host: zdrave.to
URL: https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8689662e3701724e8f6e56a0010f6df824b4cf9fecb49b3ae204389a709c0a

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4861
cf-polished
origSize=293448
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Aug 2024 14:14:56 GMT
server
cloudflare
etag
W/"66bb6a60-47a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLw1OPQn%2Fd3qliwsJQ7Uxpqgls9QKYjwm9RJ6IrthWg5aXXB6kjOyIkUBqTCUSup6%2BzzsWFTXd%2Fsn5LusqAiYKGTXMA%2F9XYv9zck1v5auBRXIpSHUOZlRiDai9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
x-server
fe2
cf-ray
8bb3f8076abb66a3-AMS
ado.js
blitzbg.adocean.pl/files/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blitzbg.adocean.pl/files/js/ado.js
Requested by
Host: zdrave.to
URL: https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.21.26 , France, ASN16276 (OVH, FR),
Reverse DNS
ip26.ip-146-59-21.eu
Software
GAD /
Resource Hash
d1f8bba81644986ef5ec2d3c288efa166507fb8d1e74f6dafb4519e97020a6f4

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
gzip
last-modified
Thu, 25 Jul 2024 08:07:17 GMT
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
"66A207B500016B4A01957AAF"
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
public, must-revalidate, max-age=432000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
29352
expires
Wed, 04 Sep 2024 10:06:34 GMT
fa-solid-900.woff2
zdrave.to/assets/zdrave.to/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/webfonts/fa-solid-900.woff2
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4998
alt-svc
h3=":443"; ma=86400
content-length
78268
last-modified
Tue, 25 Jun 2024 15:26:39 GMT
server
cloudflare
etag
"667ae1af-131bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0U%2BqN%2Fzv33PsfwBVdyDO%2BKxbukPl0V7weYTrOW7wiw1l4f9Ka%2Bfsz7ahTkSUeI5b3mLVowBJGOwE6T1jvsnrcHQ3RKP4uZPXfvuHpBGkqhY9HBQ1c9t3hwo3QQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f808fce066a3-AMS
nwpMtKy2OAdR1K-IwhWudF-R3woqY-LY1HY.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesans3/v15/nwpMtKy2OAdR1K-IwhWudF-R3woqY-LY1HY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43b6f7ccef208303378866e261e4447d8353e294650a15e99d805a9d35df38e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 21:32:03 GMT
x-content-type-options
nosniff
age
304471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18716
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:26:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Aug 2025 21:32:03 GMT
nwpStKy2OAdR1K-IwhWudF-R3wsaZfrc.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesans3/v15/nwpStKy2OAdR1K-IwhWudF-R3wsaZfrc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8add867842c10be467409ee4d9fd0436fdab56d783d0fa87e2d3d3015acb7f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 14:42:18 GMT
x-content-type-options
nosniff
age
242656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18456
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 14:42:18 GMT
weathericons-regular-webfont.woff
zdrave.to/assets/zdrave.to/font/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/font/weathericons-regular-webfont.woff
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 15:26:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
525
etag
W/"667ae1a3-bcf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ws28XisP1%2FMsJdwqzilefWyT6vyNIKH9%2BQxMmZtzpSyDaYX0BuqvKkhrJjWfdMmWauLqPDcehQuzg48b3Hx751NFuwQW8mPh5NV2QsDo%2FG8VKsFbHqpfe9SMwhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=2678400
x-server
fe1
cf-ray
8bb3f808fce366a3-AMS
alt-svc
h3=":443"; ma=86400
nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesans3/v15/nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:11:38 GMT
x-content-type-options
nosniff
age
57296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28816
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:41:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:11:38 GMT
7cHmv4okm5zmbtYsK-4E4Q.woff2
fonts.gstatic.com/s/exo2/v21/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYsK-4E4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20ac558ae4e736f5a22d58c1bcdab41693e106fb485d0c582be711621ef6456d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:26:51 GMT
x-content-type-options
nosniff
age
56383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20400
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:26:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:26:51 GMT
fa-regular-400.woff2
zdrave.to/assets/zdrave.to/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/webfonts/fa-regular-400.woff2
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4998
alt-svc
h3=":443"; ma=86400
content-length
13224
last-modified
Tue, 25 Jun 2024 15:26:27 GMT
server
cloudflare
etag
"667ae1a3-33a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWu4T472F7SwC4crygqxdtvz7uHHHAKm%2F797zh1W9lawN4C68GjgYQMyhUViaVnOuan3bpEFsPqIGQSwzhR93%2FJjccd1fwCUt88E9V3T0hahAPjV4ExJOcJtKa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f808fce766a3-AMS
fa-brands-400.woff2
zdrave.to/assets/zdrave.to/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/webfonts/fa-brands-400.woff2
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4998
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Tue, 25 Jun 2024 15:26:39 GMT
server
cloudflare
etag
"667ae1af-12bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqWkQUIY0BpFzEY9zWUJFtuTdOzMOK8giCIAjiJWdGsMOdGcH5URM40Hzv9%2BqMf0whpFMYr0ItqLr7r6UmbSF7XFCYW%2BX36TY9%2Be6lbVJxPkO07rqUOcPlKSdqY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f808fce966a3-AMS
7cHmv4okm5zmbtYoK-4.woff2
fonts.gstatic.com/s/exo2/v21/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/exo2/v21/7cHmv4okm5zmbtYoK-4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:04:07 GMT
x-content-type-options
nosniff
age
57747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40316
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:31:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:04:07 GMT
nwpMtKy2OAdR1K-IwhWudF-R3woqZ-LY.woff2
fonts.gstatic.com/s/sourcesans3/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesans3/v15/nwpMtKy2OAdR1K-IwhWudF-R3woqZ-LY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100..900;1,100..900&family=Source+Sans+3:ital,wght@0,200..900;1,200..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509b3883b5264f804925208d1b6beb70e22c2f19ee3d5535769b9ed6dc95e383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:55:10 GMT
x-content-type-options
nosniff
age
58284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28524
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 02:09:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 17:55:10 GMT
ad.js
blitzbg.adocean.pl/___/_1725012395/
Redirect Chain
  • https://blitzbg.adocean.pl/_1725012395017/ad.js?id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
  • https://blitzbg.adocean.pl/__/_1725012395017/ad.js?id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
  • https://blitzadbg.hit.gemius.pl/redataredir?url=https%3A%2F%2Fblitzbg.adocean.pl%2F___%2F_1725012395%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3Dn87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgn...
  • https://blitzadbg.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Fblitzbg.adocean.pl%2F___%2F_1725012395%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3Dn87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1...
  • https://blitzbg.adocean.pl/___/_1725012395/ad.js?hclsdata=&hcudata=KZcco2HLYOfdcjLqjwXsRqYGpEdPw_jdSlM3oHxPfjP.37&id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/...
11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blitzbg.adocean.pl/___/_1725012395/ad.js?hclsdata=&hcudata=KZcco2HLYOfdcjLqjwXsRqYGpEdPw_jdSlM3oHxPfjP.37&id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
Protocol
H2
Server
146.59.21.26 , France, ASN16276 (OVH, FR),
Reverse DNS
ip26.ip-146-59-21.eu
Software
GAD /
Resource Hash
55fde6910156dd1644db48c4e0b27845cd5eafa6a7365df454e56e2b9036336c

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
content-encoding
gzip
server
GAD
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2683
expires
Thu, 29 Aug 2024 10:06:35 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://blitzbg.adocean.pl/___/_1725012395/ad.js?hclsdata=&hcudata=KZcco2HLYOfdcjLqjwXsRqYGpEdPw_jdSlM3oHxPfjP.37&id=n87wI1jY18GtNI1GrWTiNKI5HZ_v20bMx1x1kgnZswf.v7/adov=4.6.5/x=1600/y=1200/adult=0/aid=59800/cat=1/lptype=1/inner=_ch_mobile%3D0%7C_ch_brands%3D
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Thu, 29 Aug 2024 10:06:35 GMT
favicon.ico
zdrave.to/assets/zdrave.to/icons/ 		15 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/assets/zdrave.to/icons/favicon.ico?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b007702c0444c01c980a66ad1945adb910f10979b1e96b7f5fb58372ea6a54

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 14:14:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3029
etag
W/"66bb6a52-3aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehdAFLvSMvH0UBWe04LKCuYIYGUEjbYUfTEr3wol%2F7rJVzhFryHljJoQ5aCgobrEF8K24teNRKR3%2FaS0PQAMROzdAtKu6%2BXh4mlLVYot5OYFIj0KvDgA9zEWplw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
x-server
fe1
cf-ray
8bb3f80d0a2766a3-AMS
alt-svc
h3=":443"; ma=86400
xgemius.js
gabg.hit.gemius.pl/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gabg.hit.gemius.pl/xgemius.js
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
ip-6-42.telehouse.bg
Software
GHC /
Resource Hash
0cebaa4090e53cdf9ca6c1987ec2aea303793ead7adb2250ea72c69854b47db1

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
content-encoding
gzip
last-modified
Thu, 22 Aug 2024 08:27:20 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
20349
expires
Fri, 30 Aug 2024 22:06:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8989293511003643
Requested by
Host: zdrave.to
URL: https://zdrave.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f31b6b0d42a198dfb09649e20e58b5a32e482ef4f105fdfda6056e86bd031937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52815
x-xss-protection
0
server
cafe
etag
17712108342126648851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 30 Aug 2024 10:06:35 GMT
extra=;
blitzadbg.hit.gemius.pl/_1725012395723/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=wgdikphqco/fastid=ntkhspocpastoqgursdrezqvqunz/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%... 		2 B
531 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://blitzadbg.hit.gemius.pl/_1725012395723/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=wgdikphqco/fastid=ntkhspocpastoqgursdrezqvqunz/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7Cao_uniq%3Diuylqihipquvpjksdedgicfh%7C;/extra=;
Requested by
Host: blitzbg.adocean.pl
URL: https://blitzbg.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.28.220 , France, ASN16276 (OVH, FR),
Reverse DNS
ip220.ip-146-59-28.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://zdrave.to
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Thu, 29 Aug 2024 10:06:35 GMT
views
zdrave.to/article/ 		15 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://zdrave.to/article/views?id=59800
Requested by
Host: zdrave.to
URL: https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXy23WL876n9kqdGmcQ4cNksorJmTf5KJDuvJUnl6wBKJOwIOwmrF%2FU2CVM77fyWgykg4wpnr%2FQGxOEsvRdgTMc9%2FvY2QOAUEqeJ%2Bl2e9sPcWTnhAvPLOt%2FNWA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
x-server
fe1
cf-ray
8bb3f811586966a3-AMS
alt-svc
h3=":443"; ma=86400
extra=;
blitzadbg.hit.gemius.pl/_1725012395725/redot.js/id=bIGaphgNIyY_RD9G.qSloKQP7xdGEUMrIOogU7LZZ6n.97/stparam=qcifkmdtqq/fastid=donvlfadlikdsslisqaqpcfkrbjx/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%... 		2 B
473 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://blitzadbg.hit.gemius.pl/_1725012395725/redot.js/id=bIGaphgNIyY_RD9G.qSloKQP7xdGEUMrIOogU7LZZ6n.97/stparam=qcifkmdtqq/fastid=donvlfadlikdsslisqaqpcfkrbjx/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7Cao_uniq%3Diuylqihipquvpjksdedgicfh%7C;/extra=;
Requested by
Host: blitzbg.adocean.pl
URL: https://blitzbg.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.28.220 , France, ASN16276 (OVH, FR),
Reverse DNS
ip220.ip-146-59-28.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://zdrave.to
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Thu, 29 Aug 2024 10:06:35 GMT
extra=;
blitzadbg.hit.gemius.pl/_1725012395728/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=unieikdryw/fastid=izofceldezpzoadymojahgahdmjs/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%... 		2 B
474 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://blitzadbg.hit.gemius.pl/_1725012395728/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=unieikdryw/fastid=izofceldezpzoadymojahgahdmjs/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7Cao_uniq%3Diuylqihipquvpjksdedgicfh%7C;/extra=;
Requested by
Host: blitzbg.adocean.pl
URL: https://blitzbg.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.28.220 , France, ASN16276 (OVH, FR),
Reverse DNS
ip220.ip-146-59-28.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://zdrave.to
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Thu, 29 Aug 2024 10:06:35 GMT
extra=;
blitzadbg.hit.gemius.pl/_1725012395729/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=qerhqvsuio/fastid=cmiqkzrhppwggmalaiirdwrhaiko/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%... 		2 B
474 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://blitzadbg.hit.gemius.pl/_1725012395729/redot.js/id=p4A1vzMnOb8UMJd8x.NNpcWmPxNB5u8GS0KEFCA0HNT.k7/stparam=qerhqvsuio/fastid=cmiqkzrhppwggmalaiirdwrhaiko/sarg=66D199AB98224CA1;/inner=_ch_mobile%3D0%7C_ch_brands%3D%7Cao_uniq%3Diuylqihipquvpjksdedgicfh%7C;/extra=;
Requested by
Host: blitzbg.adocean.pl
URL: https://blitzbg.adocean.pl/files/js/ado.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.28.220 , France, ASN16276 (OVH, FR),
Reverse DNS
ip220.ip-146-59-28.eu
Software
GHC /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:35 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin
https://zdrave.to
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
2
expires
Thu, 29 Aug 2024 10:06:35 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 		428 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
75506cdfa48b4eaf00da9b24434ad637c265c352bdf43a099b830b7c90f79483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146443
x-xss-protection
0
server
cafe
etag
16232741667756898831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 10:06:35 GMT
prev.png
zdrave.to/assets/zdrave.to/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/prev.png
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1192
alt-svc
h3=":443"; ma=86400
content-length
1360
last-modified
Mon, 22 Jul 2024 14:57:04 GMT
server
cloudflare
etag
"669e7340-550"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=goJDjg7Fx5e85NAXrNQ1Mb7BYK7%2FILToXfwGpmBZipkFhhE%2BN4NUkfHSkqD6PwkxWPNeBpeXdEBoTotDcIb8yOIIaUJKKKFdLTFa0CweJtcL0bYPSOnR1ZH3Dxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f811e8ff66a3-AMS
next.png
zdrave.to/assets/zdrave.to/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/next.png
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1192
alt-svc
h3=":443"; ma=86400
content-length
1350
last-modified
Mon, 22 Jul 2024 14:57:04 GMT
server
cloudflare
etag
"669e7340-546"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoh72c4Kw7s%2Fd0j8wU5paJosLjgRW0bOshCfain2yQL89y2NbzRUmQOoRD2vP%2FecFcWqdZ%2BCLZqtQnWgBSRE0ZvTvHZth76dcetr52MKO0b8t8KaeClOE8p8Be4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f811e90266a3-AMS
loading.gif
zdrave.to/assets/zdrave.to/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/loading.gif
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4998
alt-svc
h3=":443"; ma=86400
content-length
8476
last-modified
Mon, 22 Jul 2024 14:56:44 GMT
server
cloudflare
etag
"669e732c-211c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K733g2Y5v9ssWFZ34IZxLWe%2FeZCI3QCZMdbNyYwyLw%2Fjqjfk7F5sNL3bojZnZR6r5KvfLF4PiDvEjOz1F5B5QU%2BNEJnOXwr2Cc4KtvLa%2BEWPpzMNhXy0W0xVSsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f811e90a66a3-AMS
close.png
zdrave.to/assets/zdrave.to/images/ 		280 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/assets/zdrave.to/images/close.png
Requested by
Host: zdrave.to
URL: https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer
https://zdrave.to/assets/zdrave.to/css/all.css?timer=1723558482
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1192
alt-svc
h3=":443"; ma=86400
content-length
280
last-modified
Mon, 22 Jul 2024 14:57:04 GMT
server
cloudflare
etag
"669e7340-118"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pA5uHoOEpFS7hXtOivJ1cH%2FXuC5BgesrGv2GXAA9V4sDZ4a0WyDHu2hOkHqNs4xlwz%2Fj6S%2Foov0LX%2FhXqM3ie7NbdjQhIqug9ykwCP9KMpvFNFf2kfetNthB8gM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f811e90d66a3-AMS
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
320x180.jpg
zdrave.to/media/3/2023/11/09/151977/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2023/11/09/151977/320x180.jpg?timer=1721081474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5820b199c870cc71e5fe01e4dfc3ae2d531ddfbbaf586aca2571489d6371ec

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4999
alt-svc
h3=":443"; ma=86400
content-length
13037
last-modified
Mon, 15 Jul 2024 22:11:14 GMT
server
cloudflare
etag
"66959e82-32ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P62%2FqlUl75e0uMT7yFMcTvHs0Wvqhp6S7rK0QsABmGQUdkcLhUDivEwzCvVEn1Zvoec0xVU1QOzdbqTe1Q3A8L9125GCv9wjr%2FqtK82geKaB4jZUUM5UW6tysDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f8131acd66a3-AMS
320x180.jpg
zdrave.to/media/3/2020/10/22/83767/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2020/10/22/83767/320x180.jpg?timer=1721084593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
135becf5d3fd137ecdd29a3a4872e0272a8fdcf1edac5a91c98020d2ec396cb3

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4999
alt-svc
h3=":443"; ma=86400
content-length
8560
last-modified
Mon, 15 Jul 2024 23:03:13 GMT
server
cloudflare
etag
"6695aab1-2170"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4o4BVFFTLYJWqZT8LtjC2Qz2pGWyLwjagxtIMKM1NNxoB9OI9XvVKlLCjjYSa4lDz3ttgAowhNmwbi8dkgBmW1V%2FP4%2BlGd9iHGuLgGIOR2mYQUhUFNgGTZbtbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f8131acf66a3-AMS
320x180.jpg
zdrave.to/media/3/2024/08/23/168574/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2024/08/23/168574/320x180.jpg?timer=1724406369
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992f84b463c17d634dad3e0bd9e0deab4d8d8015fc03a4d17079dedebbf46282

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
487
alt-svc
h3=":443"; ma=86400
content-length
7782
last-modified
Fri, 23 Aug 2024 09:46:09 GMT
server
cloudflare
etag
"66c85a61-1e66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvO5lb6SLExy3NccR0xbv6EOS7TBJCfbjLX0GF98KaX5B0S8KOJBowVWRyPP9x3HG7SWsreD1fe03TqOI8yyjGKydW9KOy5DAj5hfVN%2BpYH0rvj1fBW%2BFX2ee%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f8131ad066a3-AMS
320x180.jpg
zdrave.to/media/3/2024/08/28/168868/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2024/08/28/168868/320x180.jpg?timer=1724844526
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cad128f25dc70ec03e82ce9af2a4a23cd050fb97340b9613b79060f921f4aeb

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3160
alt-svc
h3=":443"; ma=86400
content-length
13203
last-modified
Wed, 28 Aug 2024 11:28:46 GMT
server
cloudflare
etag
"66cf09ee-3393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eu3nZqTKK2Tx5p8snZ3pgSh9kMrQDsnRFRvcYhRjL3RYF62J9r5a4uv3NQIz33Cj3yjN4KOH6SrbqZNR3CJWC62Sr8hPym3krgrd2hq20WpDN38X78OpzHmZCvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe1
accept-ranges
bytes
cf-ray
8bb3f8131ad166a3-AMS
320x180.jpg
zdrave.to/media/3/2024/08/28/168857/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zdrave.to/media/3/2024/08/28/168857/320x180.jpg?timer=1724839433
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35f99fa4f5b5657c0b1bab127d49101341f97bb9a1d017939b1e041afadb0a32

Request headers

Referer
https://zdrave.to/zdravni-novini/tova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora?preview=tru3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4999
alt-svc
h3=":443"; ma=86400
content-length
15237
last-modified
Wed, 28 Aug 2024 10:03:53 GMT
server
cloudflare
etag
"66cef609-3b85"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pp1Rzu5yDtpwFd54mdWuGQXmnp5PLC3alyDi29v3Pmn1H7yuqSLe5OUb0SRZH%2FxU9FUl%2BmKmc%2FnPS51S3yS8x7FE%2BRJc6jD5iMGajtWBCJLKTPbNZWdcOa7EC4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
x-server
fe2
accept-ranges
bytes
cf-ray
8bb3f8131ad366a3-AMS
bg.json
newassets.hcaptcha.com/captcha/v1/8fd4e18/static/i18n/ 		13 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/8fd4e18/static/i18n/bg.json
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?hl=bg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.230.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d9b87cc5b115c5ac0d02f8a8f519e7faad82efa55ac3021fbba1de3270ede5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
content-length
4135
server
cloudflare
etag
"d513e67928fe47c0b2a481194b33994a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
8bb3f8136dfc671e-AMS
expires
Fri, 30 Aug 2024 11:06:36 GMT
fpdata.js
gabg.hit.gemius.pl/ 		280 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabg.hit.gemius.pl/fpdata.js?href=zdrave.to
Requested by
Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
ip-6-42.telehouse.bg
Software
GHC /
Resource Hash
33f9b523a9e19840aa56cb019533c363ab5f4436b06c23be28d4cc6a8e02a3a0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
280
expires
Sun, 29 Sep 2024 10:06:36 GMT
lsget.html
ls.hit.gemius.pl/ Frame 0835 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2809
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:36 GMT
etag
PRIVATE7520710249
expires
Sun, 29 Sep 2024 10:06:36 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/ Frame 324E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
57178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 18:13:38 GMT
etag
5947459844715414650
expires
Thu, 12 Sep 2024 18:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 0864 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1725012396&plat=3%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_r&format=0x0&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_25~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395768&bpp=7&bdt=1829&idt=550&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5098570804216&frm=20&pv=2&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=639
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
90197
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240828&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
27071583a6d71dc22a8b41cced705b1b39bf911dde57eb50eb3edc999fe0b17c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12872
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame D173 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=7965809726&adk=2755862428&adf=2512173744&pi=t.ma~as.7965809726&w=970&abgtt=5&lmt=1725012396&format=970x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395775&bpp=2&bdt=1836&idt=681&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=693
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 2858 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=7960946853&adk=681899983&adf=9006241&pi=t.ma~as.7960946853&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395777&bpp=1&bdt=1838&idt=723&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=313&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=731
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
37891
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 8595 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=1914413254&adk=3572525808&adf=1582542652&pi=t.ma~as.1914413254&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395778&bpp=1&bdt=1839&idt=747&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=768&ady=2037&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=752
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39948
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rexdot.js
gabg.hit.gemius.pl/_1725012396551/ 		169 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gabg.hit.gemius.pl/_1725012396551/rexdot.js?l=100&sendf=24&id=nSpA5.8lT2hdEFKh0nDWVJR6nFjiZyQfjvMeRu_GDmL.h7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=-120&fv=-&href=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=..ds.skAiDQgpFWcigjA0EGjkmMe1PXMWLcxr4tNQUz.s7AMhQoEDuiYMTpKb5kq0DvbpDB1eqWVZczSXz.CJFsv8nrH/ox8f3jJSB.Lte/&fpdata=BJnHnvXl2wX9mazzjp_0Ets4meulq0UZea.f8INc76j.o7%7C1725012396%7C2&ltime=240&fr=1&ref=&inner=_ver%3D353%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=66d199ac1085ffc0&brts=1725012396&fpcap=
Requested by
Host: gabg.hit.gemius.pl
URL: https://gabg.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
78.128.6.42 , Bulgaria, ASN31083 (TELEPOINT, BG),
Reverse DNS
ip-6-42.telehouse.bg
Software
GHC /
Resource Hash
19bdffd2fb958083ccdf3059cb5d1c57df2de74a7bf16709205a5de6b982fe4e

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:36 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Thu, 29 Aug 2024 10:06:36 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 6F8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=9140435884&adk=2316966183&adf=3725143025&pi=t.ma~as.9140435884&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395778&bpp=1&bdt=1839&idt=776&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=5&uci=a!5&fsb=1&dtd=781
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 11C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=250&slotname=9522853658&adk=4102823793&adf=2748429769&pi=t.ma~as.9522853658&w=300&abgtt=5&lmt=1725012396&format=300x250&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012395779&bpp=1&bdt=1840&idt=794&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C970x250%2C300x250%2C300x250%2C300x250&nras=1&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=1378&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1920&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=798
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
302
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
ep2.adtrafficquality.google/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 10:06:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
58310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 17:54:46 GMT
expires
Fri, 29 Aug 2025 17:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 		171 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/reactive_library_fy2021.js?bust=31086628
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
dfafd24bc8d5c5900ec2b2368898cbdda049bf3f4e1bf2fac85d86b776dcf64c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59016
x-xss-protection
0
server
cafe
etag
13093998006560773769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 10:06:37 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/slotcar_library_fy2021.js?bust=31086628
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f9c6b9dfbbc3bdf53d18a900b7a5ef74b5ca7b3471c6806fc6bcc1ce1731829c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30992
x-xss-protection
0
server
cafe
etag
11029697260850282653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 10:06:37 GMT
css
fonts.googleapis.com/ 		1 KB
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15f3283de265c594c88ee0e2f9d59508794bfab8fd871d6f7eacbb0b77de653b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 10:06:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 10:06:37 GMT
css
fonts.googleapis.com/ 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 09:33:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 10:06:37 GMT
css2
fonts.googleapis.com/ 		656 B
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb7eecebfb0baf2e12327fa7bbc71532fef68b3786f8405b1aecbe971acde952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 10:06:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 10:06:37 GMT
css
fonts.googleapis.com/ 		4 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 10:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 08:43:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 10:06:37 GMT
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:53:18 GMT
x-content-type-options
nosniff
age
54800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15996
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 20:31:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:53:18 GMT
5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qE52i1dC.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba2249d2ee21ca9d96d7bf42df0d01ad5fbc8ef2876cbc9ae5a159e2c3ea46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zdrave.to
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:36:01 GMT
x-content-type-options
nosniff
age
55837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8400
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 20:31:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:36:01 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 019B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-8989293511003643&output=html&h=280&adk=2580254993&adf=232497138&w=886&abgtt=5&fwrn=4&fwrnh=100&lmt=1725012397&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8180877581&ad_type=text_image&format=886x280&url=https%3A%2F%2Fzdrave.to%2Fzdravni-novini%2Ftova-e-nay-opasnata-zakuska-za-stomaha-na-vazrastnite-hora%3Fpreview%3Dtru3&fwr=0&pra=3&rh=200&rw=886&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725012397964&bpp=4&bdt=4025&idt=5&shv=r20240828&mjsv=m202408270101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3Db6451a763d526222%3AT%3D1725012396%3ART%3D1725012396%3AS%3DAA-AfjaJ-b1Eyh0n5_0MdfQ8nHD6&prev_fmts=0x0%2C970x250%2C300x250%2C300x250%2C300x250%2C300x250&nras=2&correlator=5098570804216&frm=20&pv=1&u_tz=120&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=247&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&oid=2&pvsid=4289680289744244&tmod=1818827754&uas=0&nvt=1&fc=1408&brdim=1040%2C1040%2C1040%2C1040%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=7&uci=a!7&btvi=4&fsb=1&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
41804
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 10:06:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759842%2C31086546%2C31086548%2C42532523%2C44798934%2C95338228%2C95341664%2C31086628%2C31086139%2C95341519&hl=bg&pvc=4289680289744244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 10:06:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/ Frame 2E1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
57178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 18:13:38 GMT
etag
5947459844715414650
expires
Thu, 12 Sep 2024 18:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/ Frame 7F78 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240828/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zdrave.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
57178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4111
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 18:13:38 GMT
etag
5947459844715414650
expires
Thu, 12 Sep 2024 18:13:38 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8989293511003643&plah=zdrave.to&bust=31086628
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://zdrave.to/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240828&jk=4289680289744244&bg=!eHulezTNAAakh3bWhIc7ADQBe5WfOE7Gfkm4YcqcezWNk5ZFhhnhFK93mwBZykrjYeDcKRTqx_s9t-TCqqfRmA-V-29zAgAAAoZSAAABAWgBB34ANqsS1Usqwi1e4vnjnGbGYyOOsB4GN6MpLTFwk-uK32VptAapZGrwj5s6XdW22t4heMIFNBe8DwoATtfMUrzuvpkqbImKECk0I6KpgwDIj3_XiI6EDGVjMOxfNwzx-gBww6h9s7Ct11eP1DnJxcA5gfGKxLZtG1AqLWDO2Uh_58Czwp0CV7UXm5kCoKEs59qWKiuSM-9uKKIOlzzRkKaOrXEmvsnCOD0CSuRuGp_a30QdzYkQ_TkYMesvTBDucs6Brla-2iE3AJmA-LZJEx7ETAuqQJUwm0pXcyB_-DAzU8ozOWQ2qAX3ICeLd4EtL2spROtTI-divgv3ptyjgs8zY7BaggK-YJtbSVNlz1ZZQLkEJPIrmigONHoNC16dH1xGZ-JelBonZPsbcMnBkTbTjKP_x5po_qcIQpdn0TuE5eeaQTCvIW0azFkcnBxx5lZXO3k8yfwQhKwtT3_sKSGdl0-NXMIG_X-pPgRH6M2ANH_7N3kBy40ILRTY_lTPjsVoS5qmsrfYGtpipgF3g5GwKVYhvgUCDN2Qgx6ll7z-YOWo5bNP1DRJQNdFboH2OL1ISfoMnJGNvft9Vvfggh57P6wr3aAKkXVz8XeZoTyN0Io21xWjj8eYCyIhLZkzt-b0nNa2JZk8hWIIcXklCsUzkd0ZDW0O85q1097rXzYoYFpp9QFNyoK_mJn0tsI5GF-Y9qsgAtA6Y2NwKZ-3NP55WLiQOsnCpz9qaC2LEeV0447iyq9NMbVDLTCQMwzdBh58JZK04kvVH0W9jc3_-cA_kYdD3zs1VyzzMmu0Y1pkQEoH99ASU2-eKoZmbx2cNLCI5zSBeNGlIpNQhb16x86Jw8_UVciFzFs6GeRe60Ege00RMZ4cH__ANbv-NU9Gc8E_L4XpAWszdaUpCnXHK4Ki1-T9oNbOlH54z7Yo-uL_NaAa7Ve12OkjXoUYO1MPxjrZZmPTaReRksVHpqlmLy5t04Fz25AXtSP5OmKoi5Khh_jgMxzEpyiYzp8gxMVjhT_EeM-C_IwTymp8Agsscbq2yn_ZnewjLRAGtjFyUiY-jJ6fysYv7FqggTeJlQ

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| __cfQR number| section_id number| article_id object| AOFIF object| Ado object| _adoGlobal function| AdoElement object| ado object| xado object| adocf object| _aoConsentBuffer function| adoceanblitzbgonnipoggeo function| adoceanblitzbgtgcmmqdrch function| adoceanblitzbgwflfjtjmhm function| adoceanblitzbgzeepfwphmr function| adoceanblitzbgpchtolphfz function| _AO_sendHits string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| $ function| jQuery number| uidEvent object| bootstrap object| Cookies function| ResizeSensor function| lazyload function| LazyLoad object| lightbox object| webpackChunk object| adserver_emissions object| adserver_emissions2 object| adsbygoogle function| fetchData boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| Raven object| hcaptcha string| google_user_agent_client_hint object| grecaptcha object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_llp object| google_pso_loaded_fonts object| google_image_requests object| googletag function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator

9 Cookies

Domain/Path Name / Value
.hit.gemius.pl/ Name: receive-cookie-deprecation
Value: 1
.blitzbg.adocean.pl/ Name: GAD
Value: Klxw6RMGQMQGRMbMin6IeUoUssGMXP8cfRySssX6xssGvaGpI7EPojVWL18GG7_D18yUu6aGmGvXGiL3uBeSsss6Ss8.
zdrave.to/ Name: XSRF-TOKEN
Value: eyJpdiI6InhnblNaV3U0Y3hCMkFUNXRHaEVXNHc9PSIsInZhbHVlIjoiYno3ekVyNXEycmx4eWg5bm0wRXJwMWFqNDFIQkhGanNaZTdKUUF2dEc5eVBSQ2Z5QWRIditFSEV5aHQ4aHlFd0V3U09YdlltRVNqekUzWDNQalRzL1dBVVFpb2NSMFI0c0w3cGRjVmQ4dHkvSWZmdW52a2VyL3JQS2dnZ05GbWYiLCJtYWMiOiI4NGJmZjcwMmQ5MTFiNDNlNjNmNzIxZTM4NmZjNzRlNzI1NzJlYzAzMzJlNzJiNTI4MTdiZmJjYzdhZGJkNmMwIiwidGFnIjoiIn0%3D
zdrave.to/ Name: blitzsites_session
Value: eyJpdiI6IlpHYW5zbjdRdkJ2K0pNOUlld3MwdVE9PSIsInZhbHVlIjoiTEtVc0lOUlh4dXphMStPVEVBRWMycnlWeW5DWWl0N3ZLUnA5OFFDcU9KdlVLMGRhcjYweWM5bGtjd005akY2ZENxcUpCQzcyaEVwNHY4TXBDNGtCbzdSS3d5T1JGSTU0L05XeVBlWGkwd01sUVFVSkkvR1ZQY0lZcGM4S2wzdXkiLCJtYWMiOiIxNjA0OGY0Y2U5MDg5ZGFjY2VlZGJiYzFhYzdmODVlZWY0YWY0YzIwOGYxM2YwNTM0ZjM3MTdkMTljZGIwMTQzIiwidGFnIjoiIn0%3D
zdrave.to/ Name: Ywirc2pfoAyF5DfbKQZuzTvBEMrrSXOM9O1ernTs
Value: eyJpdiI6InVod1IxR0RVWXRpeEJGL2RpM01Ya3c9PSIsInZhbHVlIjoibWJGMlk3UjNjeTdvU2FRM2k1cFFEVjJYbmhIYTFYbXpJZTlrS043aGp5d2o1b2VNL2dTYXZUdmF1cWJFSThubzUrUDA2dzI3eENmMGVneTdlbEdqQkJLVlhGT3orZ2xuanN5UDg0cHcwM2RjV3EwOHZxTDBOR2ZFWmhodGl2Z2cxYUN1UTQvMWtaNU9TY2R0OEpkd01mM2cyeFdsYzVyeGRNa05udHRubmFTVThLSFUzeFZJMkJ5eWJaak1BdmVLVVlrR3hreXUxUFY3ODdNWnVKMExoUnlPYVhKZmdQV1hSdmFMMkY2UFZSY2JLOTk4Sks1M2g0RDBIdFc3bS9ybUI5Z3pGNHlObkY4NXVQMy9LU1hjWElWTE9SekZyK3oxblQ5OVNyVVFaNWtvSG93cFdCV2tyaGxkVFNQakNnUWxoajlyb1dqNVZkKzRIWmpwTGw5NHhIV1RyZFNvMVB2d2I3NWd4eXFlMTJSckhWZnNpWmdlelZ6dzR4UnNqSklNNzhtQ21RYUJaRGNrckduZTYzUEowbkY5b25kWndOMUN1QVViVmwvZVlSTFFOa2EwNnEySW5JY3JoZ3Q5TUZ5SCIsIm1hYyI6ImI0Y2NmZTc5YWU4OGY0ODljZWIzZWIyZjFjMWMzYmQ3OWMxZGE2NWMxNDg5MmY5Mzg5Y2NjZmE2YmQwZDEwZDYiLCJ0YWciOiIifQ%3D%3D
.zdrave.to/ Name: __gfp_64b
Value: BJnHnvXl2wX9mazzjp_0Ets4meulq0UZea.f8INc76j.o7|1725012396|2
.hit.gemius.pl/ Name: Gdyn
Value: KlGU9RGGQMGGilSmWIJIeUoUssGM91goL6nxGsRP5x7tGKGGqCZvLGlsleX2sbfPgK4iGQaS-zVBCUVoXQG.
.hit.gemius.pl/ Name: Gdynp
Value: qpbHRuv0VWwzXkH9qhGJn9toqvlL5Q2fIeoQq3P99Pz.y7
.zdrave.to/ Name: __eoi
Value: ID=b6451a763d526222:T=1725012396:RT=1725012396:S=AA-AfjaJ-b1Eyh0n5_0MdfQ8nHD6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blitzadbg.hit.gemius.pl
blitzbg.adocean.pl
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
gabg.hit.gemius.pl
js.hcaptcha.com
ls.hit.gemius.pl
newassets.hcaptcha.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
zdrave.to
pagead2.googlesyndication.com
104.19.229.21
104.19.230.21
142.250.184.226
142.250.185.98
146.59.21.26
146.59.28.220
146.59.30.104
188.114.97.3
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
78.128.6.42
0a8689662e3701724e8f6e56a0010f6df824b4cf9fecb49b3ae204389a709c0a
0cad128f25dc70ec03e82ce9af2a4a23cd050fb97340b9613b79060f921f4aeb
0cebaa4090e53cdf9ca6c1987ec2aea303793ead7adb2250ea72c69854b47db1
135becf5d3fd137ecdd29a3a4872e0272a8fdcf1edac5a91c98020d2ec396cb3
14aeaf76dc17c06dd162cc3559f092ec680882806cb74af8c212d5c7515569e7
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
15f3283de265c594c88ee0e2f9d59508794bfab8fd871d6f7eacbb0b77de653b
19bdffd2fb958083ccdf3059cb5d1c57df2de74a7bf16709205a5de6b982fe4e
20ac558ae4e736f5a22d58c1bcdab41693e106fb485d0c582be711621ef6456d
20e6b2e7a206dbd04ee91d935b2e4fbb0a286074c78a72896f9ce5306b742f86
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
27071583a6d71dc22a8b41cced705b1b39bf911dde57eb50eb3edc999fe0b17c
33f9b523a9e19840aa56cb019533c363ab5f4436b06c23be28d4cc6a8e02a3a0
35f99fa4f5b5657c0b1bab127d49101341f97bb9a1d017939b1e041afadb0a32
3b23da48d3279c949bfaf42c1b2a2d3383e0af32bcb50f6a1c4eaba7a25cabc5
43b6f7ccef208303378866e261e4447d8353e294650a15e99d805a9d35df38e9
44c0f7a22dcc0eab34715cbbe794c28b03cf6c4d19aa1132894137be06be23bf
500b10564f2385731f7169b1ab56326035f3e72b774616cc84e5e84dc15f137f
509b3883b5264f804925208d1b6beb70e22c2f19ee3d5535769b9ed6dc95e383
54e6ed7d7d3dd6da61545f4fd2f94e8d524f68cbd5de09addd7267aa3a9c6b21
55fde6910156dd1644db48c4e0b27845cd5eafa6a7365df454e56e2b9036336c
598a1f72f98ff329c6bd94a380f8a41ff728c90e418100fff0eb4538d07ba41e
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d9b87cc5b115c5ac0d02f8a8f519e7faad82efa55ac3021fbba1de3270ede5
75506cdfa48b4eaf00da9b24434ad637c265c352bdf43a099b830b7c90f79483
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
7ec41eca235b085be2db09f9a17d7eb719522961f277e76b726f0d4b7d5f01db
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8ba2249d2ee21ca9d96d7bf42df0d01ad5fbc8ef2876cbc9ae5a159e2c3ea46f
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
992f84b463c17d634dad3e0bd9e0deab4d8d8015fc03a4d17079dedebbf46282
ae03289bb26aefab9857ae4b0097652bc8a17643990dee384031c88775941ee9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8add867842c10be467409ee4d9fd0436fdab56d783d0fa87e2d3d3015acb7f6
bb7eecebfb0baf2e12327fa7bbc71532fef68b3786f8405b1aecbe971acde952
c9015686cf54e5e643e2bffe8cf0aa2c3140f56b0d84c1a315845e8a31601db4
c9c1caceee24c82513919d61734ad3ccb66800fa0a92f71da617c49b8a872fb1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1b007702c0444c01c980a66ad1945adb910f10979b1e96b7f5fb58372ea6a54
d1f8bba81644986ef5ec2d3c288efa166507fb8d1e74f6dafb4519e97020a6f4
dc5820b199c870cc71e5fe01e4dfc3ae2d531ddfbbaf586aca2571489d6371ec
dfafd24bc8d5c5900ec2b2368898cbdda049bf3f4e1bf2fac85d86b776dcf64c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
eeb868d01f8ee377df8a4d551dcff2bf54bec162a8da003bc1f59779984f83e8
f31b6b0d42a198dfb09649e20e58b5a32e482ef4f105fdfda6056e86bd031937
f9c6b9dfbbc3bdf53d18a900b7a5ef74b5ca7b3471c6806fc6bcc1ce1731829c