URL: http://zdorovia.com.ua/
Submission: On July 27 via api from GB — Scanned from GB

Summary

This website contacted 84 IPs in 15 countries across 81 domains to perform 479 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 91.210.190.92 48440 (AS-EKVIA)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:41:... 199524 (GCORE)
1 104.18.2.81 13335 (CLOUDFLAR...)
2 4 88.212.202.52 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
6 31 54.38.197.123 16276 (OVH)
1 3 2001:4860:480... 15169 (GOOGLE)
1 104.18.3.81 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 146.0.227.107 29066 (VELIANET-...)
4 22 146.0.227.109 20773 (GODADDY)
1 2a03:2880:f01... 32934 (FACEBOOK)
12 19 142.250.185.130 15169 (GOOGLE)
4 193.200.65.6 6681 (GIVEME-CLOUD)
4 198.47.127.18 62713 (AS-PUBMATIC)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
10 14 185.89.210.180 29990 (ASN-APPNEX)
38 2a00:1450:400... 15169 (GOOGLE)
2 185.46.149.20 44600 (GT-AS)
5 77.123.132.26 35680 (VOLIA)
10 51.38.120.206 16276 (OVH)
4 209.205.207.234 55081 (24SHELLS)
1 9 46.249.52.248 50673 (SERVERIUS-AS)
4 216.52.2.19 30282 (AS-INAPCD...)
7 7 3.120.3.232 16509 (AMAZON-02)
1 1 168.119.168.187 24940 (HETZNER-AS)
4 8.2.108.175 46636 (NATCOWEB)
2 2 18.156.0.31 16509 (AMAZON-02)
2 82.145.213.8 39832 (NO-OPERA)
2 83.222.114.186 42632 (MNOGOBYTE...)
3 2a06:8640:464... 55081 (24SHELLS)
2 8.2.110.206 46636 (NATCOWEB)
1 183.110.238.136 4766 (KIXS-AS-K...)
3 3 188.42.191.196 7979 (SERVERS-COM)
3 3 104.18.19.126 13335 (CLOUDFLAR...)
3 3 199.115.119.227 30633 (LEASEWEB-...)
2 2 34.245.154.233 16509 (AMAZON-02)
1 2 168.119.9.59 24940 (HETZNER-AS)
1 2 194.247.175.19 196831 (BEMOBILE-AS)
8 24 52.205.204.29 14618 (AMAZON-AES)
8 5.178.65.252 50673 (SERVERIUS-AS)
6 6 23.75.240.210 16625 (AKAMAI-AS)
12 23.205.235.133 16625 (AKAMAI-AS)
8 23.35.236.201 16625 (AKAMAI-AS)
4 205.234.175.175 30081 (CACHENETW...)
1 19 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.64.190.78 62713 (AS-PUBMATIC)
15 2a00:1450:400... 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
6 8 37.157.2.234 198622 (ADFORM)
3 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.19.192.193 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
2 2 185.86.137.131 201081 (SMARTADSE...)
2 6 52.213.127.205 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 54.229.168.160 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 63.34.135.249 16509 (AMAZON-02)
1 162.55.233.28 24940 (HETZNER-AS)
2 2 151.101.194.49 54113 (FASTLY)
1 52.222.236.82 16509 (AMAZON-02)
1 1 52.20.189.152 14618 (AMAZON-AES)
1 2 52.95.126.138 16509 (AMAZON-02)
1 69.192.160.219 16625 (AKAMAI-AS)
4 4 52.209.144.248 16509 (AMAZON-02)
1 9 69.173.144.139 26667 (RUBICONPR...)
1 172.217.18.2 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 108.138.17.110 16509 (AMAZON-02)
4 212.129.3.112 12876 (Online SAS)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 25 23.227.139.243 55081 (24SHELLS)
2 67.202.105.32 32748 (STEADFAST)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 4 35.227.252.103 15169 (GOOGLE)
3 3 213.19.147.44 26120 (RHYTHMONE)
3 3 54.171.211.68 16509 (AMAZON-02)
28 2a00:1450:400... 15169 (GOOGLE)
1 2 54.155.3.166 16509 (AMAZON-02)
2 46.51.145.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 104.18.18.126 13335 (CLOUDFLAR...)
2 142.250.186.67 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
20 2600:1f18:1ac... 14618 (AMAZON-AES)
4 3.120.214.218 16509 (AMAZON-02)
1 142.250.185.102 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 18.192.108.196 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 2a00:1450:400... ()
1 2a00:1450:400... ()
479 84
Apex Domain
Subdomains
Transfer
66 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
972 KB
54 zdorovia.com.ua
zdorovia.com.ua
1 MB
36 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6944
file.adpartner.pro — Cisco Umbrella Rank: 275505
61 KB
31 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
ad.doubleclick.net — Cisco Umbrella Rank: 202
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296
121 KB
30 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 44129
inv-nets.admixer.net — Cisco Umbrella Rank: 2646
content.admixer.net — Cisco Umbrella Rank: 253942
2 MB
27 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 759
pixel.adsafeprotected.com — Cisco Umbrella Rank: 570
static.adsafeprotected.com — Cisco Umbrella Rank: 559
dt.adsafeprotected.com — Cisco Umbrella Rank: 499
190 KB
27 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1045
eus.rubiconproject.com — Cisco Umbrella Rank: 598
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2305
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
66 KB
26 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5107
sync.adtelligent.com — Cisco Umbrella Rank: 3848
14 KB
24 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2290
28 KB
21 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4932
s.e-planning.net — Cisco Umbrella Rank: 7278
u-ams02.e-planning.net — Cisco Umbrella Rank: 60309
i.e-planning.net — Cisco Umbrella Rank: 7322
12 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1792
mwzeom.zeotap.com — Cisco Umbrella Rank: 1448
7 KB
16 go2net.com.ua
scripts.go2net.com.ua
ads.go2net.com.ua — Cisco Umbrella Rank: 354515
313 KB
15 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 587
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
47 KB
14 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 841
tags.crwdcntrl.net — Cisco Umbrella Rank: 1361
67 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
12 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 10
adservice.google.com — Cisco Umbrella Rank: 96
4 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 811
8 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4506
cm.adform.net — Cisco Umbrella Rank: 1608
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
4 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
5 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 4850
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5450
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
157 KB
5 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2912
adservice.google.co.uk — Cisco Umbrella Rank: 4623
2 KB
4 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 945
5 KB
4 gstatic.com
www.gstatic.com
p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com
28 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1686
620 B
4 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 6942
2 KB
4 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 37983
853 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
1 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5746
516 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 699
1 KB
4 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 87673
1 KB
4 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9515
3 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 650
866 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 462
usermatch.krxd.net — Cisco Umbrella Rank: 1248
935 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
d.agkn.com — Cisco Umbrella Rank: 568
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
793 B
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 4950
1 KB
3 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2101
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
cms.analytics.yahoo.com — Cisco Umbrella Rank: 765
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 632
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
37 KB
3 nashamama.com
nashamama.com
40 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 622
572 B
2 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 5710
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4813
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 952
721 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 640
857 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1510
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22941
681 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1195
752 B
2 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 97129
466 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 19513
543 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2848
888 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 8743
1020 B
2 com.ru
rtb.com.ru — Cisco Umbrella Rank: 32432
480 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2408
838 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 132767
i.bigmir.net — Cisco Umbrella Rank: 283103
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 113
54 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 533494
r.i.ua — Cisco Umbrella Rank: 152663
4 KB
1 ipv6test.net
dzc-v6exp3-ds.metric.ipv6test.net
583 B
1 ipv6test.com
dzc-v6exp3-ds.metric.ipv6test.com
583 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1090
463 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
23 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 873
651 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 471
145 B
1 widespace.com
engine.widespace.com — Cisco Umbrella Rank: 62063
209 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1992
359 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 926
356 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1672
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7265
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 12187
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 629
163 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 2740
904 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 24672
221 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 564
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
9 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 303
30 KB
479 81
Domain Requested by
54 zdorovia.com.ua zdorovia.com.ua
38 pagead2.googlesyndication.com scripts.go2net.com.ua
pagead2.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
zdorovia.com.ua
tpc.googlesyndication.com
ad.doubleclick.net
www.googletagservices.com
31 a4p.adpartner.pro 6 redirects zdorovia.com.ua
a4p.adpartner.pro
28 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
ad.doubleclick.net
24 a.audrte.com 8 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
zdorovia.com.ua
22 sync.adtelligent.com 2 redirects s.adtelligent.com
ads.us.e-planning.net
s.console.adtarget.com.tr
22 inv-nets.admixer.net 4 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
20 dt.adsafeprotected.com googleads.g.doubleclick.net
zdorovia.com.ua
19 cm.g.doubleclick.net 12 redirects spl.zeotap.com
googleads.g.doubleclick.net
15 mwzeom.zeotap.com 1 redirects spl.zeotap.com
14 ib.adnxs.com 10 redirects zdorovia.com.ua
spl.zeotap.com
scripts.go2net.com.ua
googleads.g.doubleclick.net
12 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
10 onetag-sys.com ads.go2net.com.ua
ads.us.e-planning.net
s.adtelligent.com
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
8 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 ads.pubmatic.com ads.us.e-planning.net
s.adtelligent.com
8 s.e-planning.net ads.us.e-planning.net
8 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 x.bidswitch.net 7 redirects
6 token.rubiconproject.com eus.rubiconproject.com
6 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
6 dmp.adform.net 5 redirects spl.zeotap.com
6 secure-assets.rubiconproject.com 6 redirects
6 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 www.googletagservices.com googleads.g.doubleclick.net
fw.adsafeprotected.com
5 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
4 ps.eyeota.net s.adtelligent.com
zdorovia.com.ua
4 rtb.openx.net 3 redirects googleads.g.doubleclick.net
4 js.cookieless-data.com s.e-planning.net
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.co.uk pagead2.googlesyndication.com
4 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 4 redirects
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 spl.zeotap.com ads.us.e-planning.net
4 i.e-planning.net ads.us.e-planning.net
4 u-ams02.e-planning.net ads.us.e-planning.net
4 us.ck-ie.com zdorovia.com.ua
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image8.pubmatic.com zdorovia.com.ua
4 m.trafmag.com zdorovia.com.ua
4 counter.yadro.ru 2 redirects zdorovia.com.ua
3 static.adsafeprotected.com googleads.g.doubleclick.net
pixel.adsafeprotected.com
3 sync.console.adtarget.com.tr 2 redirects s.console.adtarget.com.tr
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 ad.360yield.com 3 redirects
3 sync.1rx.io 3 redirects
3 match.adsrvr.org spl.zeotap.com
s.adtelligent.com
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
googleads.g.doubleclick.net
3 sync.lemmatechnologies.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 ads.betweendigital.com 3 redirects
3 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
3 creativecdn.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 id.rlcdn.com 2 redirects
2 d.agkn.com 1 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
2 p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com
2 cm.adform.net 1 redirects s.console.adtarget.com.tr
2 www.gstatic.com googleads.g.doubleclick.net
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 vid.vidoomy.com s.adtelligent.com
2 ic.tynt.com s.adtelligent.com
2 csync.loopme.me 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 sync.smartadserver.com 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 pa.tns-ua.com 1 redirects zdorovia.com.ua
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 ads.avct.cloud 2 redirects
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 rtb.com.ru zdorovia.com.ua
2 t.adx.opera.com zdorovia.com.ua
scripts.go2net.com.ua
2 ups.analytics.yahoo.com 2 redirects
2 content.admixer.net zdorovia.com.ua
2 www.youtube.com zdorovia.com.ua
www.youtube.com
1 dzc-v6exp3-ds.metric.ipv6test.net
1 dzc-v6exp3-ds.metric.ipv6test.com
1 cms.quantserve.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 ad.doubleclick.net www.googletagservices.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 engine.widespace.com spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 idsync.admixer.co.kr zdorovia.com.ua
1 bidswitch-eu.splicky.com 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 www.google.co.uk zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
1 ajax.googleapis.com zdorovia.com.ua
479 116

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA
2021-11-15 -
2022-12-05
a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.google.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-05 -
2022-08-03
3 months crt.sh
adpartner.pro
R3
2022-06-14 -
2022-09-12
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-06-01 -
2022-08-30
3 months crt.sh
ads.us.e-planning.net
R3
2022-07-12 -
2022-10-10
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2021-11-12 -
2022-12-14
a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-14 -
2023-06-14
a year crt.sh
rtb.com.ru
R3
2022-05-26 -
2022-08-24
3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-05-28 -
2022-08-26
3 months crt.sh
*.mobfox.com
R3
2022-06-28 -
2022-09-26
3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018
2022-04-29 -
2023-05-01
a year crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
*.e-planning.net
R3
2022-07-25 -
2022-10-23
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
widespace.com
Amazon
2022-02-23 -
2023-03-24
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-05-29 -
2022-08-27
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2021-09-23 -
2022-09-30
a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2021-08-06 -
2022-09-05
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
static.adsafeprotected.com
Amazon
2021-09-05 -
2022-10-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2022-04-10 -
2023-05-08
a year crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-07-26 -
2022-10-24
3 months crt.sh
*.metric.ipv6test.com
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh
*.metric.ipv6test.net
GTS CA 1C3
2022-07-04 -
2022-09-26
3 months crt.sh

This page contains 111 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: 7D3270600C1600F31D171EFFB4734AD5
Requests: 131 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: CA6164CB2DC99D17B47F8C241322215A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: CFCB577121E0C5BE82948833C8AB4487
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 278AB7D1D3707CEF385C00B6C099B876
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 594490606AE5E58FD3DC14F43B2C9789
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=89805737921554770&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: E5ABAA0F7C9F07F660202F4498E19DFC
Requests: 3 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 2306DA096F8E48475AAC62F419928BE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 557CBBAC64DFF0AB53C90FBE367D2B63
Requests: 8 HTTP requests in this frame

Frame: https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Frame ID: AF51F82197C5F35B2E4FBD0EEE762E80
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: A2967071DFA87E6DA4F5392FC2D3C161
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 198A66A4D0E3FCC89E76C818B5D9591C
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 09E1B1E3AD0B4ED64652A9F644EB96F3
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 931A2E92E8222CB7061FEE16FC646AC7
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: E0D97FEB4D5FF353E23464F182C2FA3B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: E83B6117598D915C5BC98769E638C814
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 30C1AF57B4288D1E7B0A7E511D9CA33E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 88970FBF04FD1F3B72E090A8D8F4ACFE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1185be8d6f1055ff%26uid%3D
Frame ID: B1EEA9694A580DA216BDA94B6FE7D943
Requests: 2 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F4A8DB91CCFA556657B46878A0CDD2B3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 75AE856BB07674C625BF35A199380AAC
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 504C816878D2089AC7DCBFA45E2378C5
Requests: 28 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 1A6CE11D51D5C3D55C9B33811B822532
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 4E85A96E6392CA2BF25390B0FDCBE4E2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/zrt_lookup.html
Frame ID: D55F6057CCB4C001C612630911A49633
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_89805737921554770&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D9838958080da5663594fc72f1f777da3
Frame ID: 674B55CB340A8ABD0DD9E81AF227CEAE
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 39776FF178D857A911D5406886DC5F48
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 4A99958EA30940A23D128C3BCFB01DED
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa87056c1-ba30-482e-bd7e-9604ce87bfac%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiYTg3MDU2YzEtYmEzMC00ODJlLWJkN2UtOTYwNGNlODdiZmFjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D5338717df765d55432ced9be2ccd0ff7&showId=a87056c1-ba30-482e-bd7e-9604ce87bfac&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Frame ID: EEE174111DEBA8DE9007B1B13F023471
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 9AD6C1255725925384EF05D71C234A64
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 47CEAB1A5282C2270A77A78633A9FF15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Frame ID: 38ACED1D69A1D86402BFEDE8F32B7007
Requests: 45 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: AC74F2D82E90347D4C0BC2B21236F601
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABmS-bqVGTUX0usZ
Frame ID: E41B0B115CED5154FB4B25EBF889F593
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Frame ID: EE55277C0FEAC6BA36E5C7881A9A4EBF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Frame ID: 79F891D8FAE74B1C2CCABA831E729CDA
Requests: 11 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: E46917B6EB6B5017112FB996FDEC15DB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 0997428ACFDF5B46A351FE4567E53A96
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: B9C2BD8F7045AFF4641CC6554F40F9B2
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 2D05FD230B9C3E9D7C052DD60655FD69
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Frame ID: 70C216084F35CA5DAF0B7657F32A5BF8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Frame ID: 74948F26F2CC74176E1F85F1B179CB07
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 96BDF3B8EDAF303FFE6802EDE53FB3B4
Requests: 11 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 4E02A4F637D1843251BEE3D648AD86A6
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 0CBF0AD6389B0E342D65FE8943398619
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 4F8A0D09F8E146C46CADDA2AEA450DBF
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 56D18A87FA02EFA8B6131497278D8CF9
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 61F48299338F894BC9C0490DC152E545
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 13A2CCAF8605347E325077EBF3D89823
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Frame ID: 6C3A2002AB9242D39F4DB47C943BB7C0
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F6F87D2553684893088BBA6E9B47F35A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: FD5CF2E8B5423BD211A732B33BAE0EBA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: A5AD5142B047BE6A318BDA077DFEB918
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: FFC2F307B03F97B3BBE342C53F003C37
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Frame ID: 2CE61F2215F35BE06B299B619C455998
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D268B7AE7C2ED192FBF94458A1ADCDB4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: F5B7CA59DD6760B537AB04E858FF6D8A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 5A6561E98F77602C89E4D8D53BF4C952
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820317&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867540&bpp=11&bdt=125&idt=122&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=1398804408309&frm=8&ife=1&pv=2&ga_vid=1084366611.1658896868&ga_sid=1658896868&ga_hid=1842642287&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1915221423&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763506%2C31067983%2C31068562%2C44769950&oid=2&pvsid=148654356446242&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.z97diytet2o2&fsb=1&dtd=140
Frame ID: 412F561E7C73C290904F4863D78C2292
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 489AFD5C4F8751FFA0F97540D626DC30
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 0101F7F94C4D7DB4E6EBAEDA3860E268
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Frame ID: 5DF5DEA6BDC2517A47825E24F82C97E0
Requests: 5 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 332C03BE0C5102517C7A8307E526FE1E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABmS-bqVGTUX0usZ
Frame ID: ED8C6198AD2EAEDBDBEEF3561D09F4D1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: FD71F5F7D7457C34DF5BA8955D2DC586
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 4AF2DFE6721604252E029189DD9C06D1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 841EDF0C05C11AC3882D93264F433656
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 9FC39D464E1BA577B23260DFB49A57DE
Requests: 2 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABmS-bqVGTUX0usZ
Frame ID: F9DD9A7622A96784E9063C11940DBE69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7727736C56E498F368D480DC5A47DDE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34AF330F3AC430028B030757B066434E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 5B1F4B7BDFCB142CCE709003C805592A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Frame ID: D8418CFCBAC43C84E20BCC4896513466
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: E816C33CAE95E338137DB9B56DBF793C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 00BB0DD538B86C9E85B0960FC9D7BBD4
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 1DF4C1FC41AE0F8FE4BF56FDEB14F5BB
Requests: 11 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 783C9ABFE35C6C010D916BD0817AEDA4
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Frame ID: 036117B4B529E32C229F3046E951A4FB
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: E0AAE090040B764680D5F9D9DC50CBAB
Requests: 2 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: DB27D5671CBD9C431B9CB66E537091E1
Requests: 1 HTTP requests in this frame

Frame: https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 5B74D763BAE4508A286B99DBD1690CC5
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 91E575546401F1D17D9FCC8210DBB09F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Frame ID: 35C9AC5578DBB8964E831EEDDE0AA9D8
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: D5E6FD8AC4977B3167529D22E8B46533
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5F202CB7D1303EC34EB4E5A7E635C7B2
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: CDC9AEDB74410147FE6CE3C256A46E8E
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 227E72356752C76E32E30FA658C35D3A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2AF636DCB8941A9542C195EF94A3E350
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Frame ID: EC7BC82497DE35C29C6E0AD90A540048
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F4a629537-39a0-47f6-b7a0-44ba88180403%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiNGE2Mjk1MzctMzlhMC00N2Y2LWI3YTAtNDRiYTg4MTgwNDAzIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd39b4fefa837b68406be24c69ba42048&showId=4a629537-39a0-47f6-b7a0-44ba88180403&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Frame ID: A9CE15A3EF89A7C2765B5338245198EE
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 8727FFC31F8A0E1FCA29661AC23E976D
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 2086C27BBE8DBFC11A75E61DAEE0AFE0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 125C31AAEA75FEE9CF25DD2D687FC312
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABmS-bqVGTUX0usZ
Frame ID: 2A1B434C6880829748B8FCFBC96EDEDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05792F7F59E3B354961A2021F32681DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B301D3E0D24DD8EFA69E40D43255F9B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 54F8DC0EE242B0787F71E9AB24C02012
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 45A7A402EBDEC88CB0C974669A1BFDBF
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 83CA3D1612A5CD475572EB80EB60DFE2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Frame ID: 7145D253F93991C017839DCB4F88D336
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823869&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896868660&bpp=14&bdt=260&idt=136&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=8047188943812&frm=8&ife=1&pv=2&ga_vid=1283070654.1658896869&ga_sid=1658896869&ga_hid=1444760284&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=767006191&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763506%2C44764001%2C21065725&oid=2&pvsid=3008588414355440&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.u86fp54zgi4h&fsb=1&dtd=151
Frame ID: D04A5C6B89DB85B622CD9E8974116C53
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E30CB6E41D0CD7E3E8760A0A7AB16D38
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 057BD2B08DF463BE799811F155DF9ECD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77B8E0E37007A09B3D08E313755B6239
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50352BF842D7DE0A351D9B6263B60B50
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4D7A3BFB889E95A27F1B4EDD1BC0ED75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E8CDF094FD1BBAC17F3DC584DFAA023
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29EA37B6A657D76E748DB4DCFD80EB2F
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5321987192594941898
Frame ID: 55BAFB1D888C50FA6967B1F3DABB7D82
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: 74D031C28E9F0BCE42F087C28958E352
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 968C41A5A2F68A8685D6232051A8AC5E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 562E3DBA8C6ACF18B1B54D21EE692D58
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

479
Requests

72 %
HTTPS

26 %
IPv6

81
Domains

116
Subdomains

84
IPs

15
Countries

5696 kB
Transfer

9831 kB
Size

101
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Request Chain 59
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 60
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.6056807839437848 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.6056807839437848 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.6056807839437848
Request Chain 68
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n602991&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 73
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=594980137&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1882440048&utmr=-&utmp=%2F&utmht=1658896866384&utmac=UA-37123827-1&utmcc=__utma%3D148597372.128748108.1658896866.1658896866.1658896866.1%3B%2B__utmz%3D148597372.1658896866.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1207920485&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=594980137&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1882440048&utmr=-&utmp=%2F&utmht=1658896866384&utmac=UA-37123827-1&utmcc=__utma%3D148597372.128748108.1658896866.1658896866.1658896866.1%3B%2B__utmz%3D148597372.1658896866.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1207920485&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137 HTTP 302
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137&slf_rd=1&random=1877953135
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESELm-q8-IkrHLdELjrRfl62U&google_cver=1
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm=&google_tc= HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELZaozOVHofUAno6GGFmo1E&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Request Chain 89
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 90
  • https://ib.adnxs.com/setuid?entity=533&code=e824e270afb04254b83e9c15f6787f57 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3De824e270afb04254b83e9c15f6787f57
Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEBWtSMxW6eoctq8ar3eJ3dE&google_cver=1 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Request Chain 102
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 105
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 108
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Request Chain 109
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=e824e270afb04254b83e9c15f6787f57&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=e824e270afb04254b83e9c15f6787f57&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=cead257a-d2aa-4ac9-b963-9ead2c2ed025 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=cead257a-d2aa-4ac9-b963-9ead2c2ed025 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=cead257a-d2aa-4ac9-b963-9ead2c2ed025&gdpr=&consent=&gdpr_pd=
Request Chain 112
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-NBsHaWBE2uHOcrD3r.U7hezXEYJTEvb60BDNexU-~A
Request Chain 120
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=86f4d154-084d-52d0-8d70-f7cfef90362c
Request Chain 121
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB
Request Chain 122
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3De824e270afb04254b83e9c15f6787f57 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=54a05b8f-0d66-11ed-9b67-801844df0ab8 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d9f919bc-497f-49b8-b98f-8bee747d24d7&ssp=lemma HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=cead257a-d2aa-4ac9-b963-9ead2c2ed025 HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=54a05b8f-0d66-11ed-9b67-801844df0ab8 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=86f4d154-084d-52d0-8d70-f7cfef90362c&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent= HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=cead257a-d2aa-4ac9-b963-9ead2c2ed025 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=e824e270afb04254b83e9c15f6787f5754a05b8f-0d66-11ed-9b67-801844df0ab8
Request Chain 124
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=e824e270afb04254b83e9c15f6787f57 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=e824e270afb04254b83e9c15f6787f57
Request Chain 125
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z31D73EF08E74023BBA1A777E872F2E0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57
Request Chain 132
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1185be8d6f1055ff%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1185be8d6f1055ff&uid=3537742351156846993
Request Chain 133
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 146
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f4a8c53e-575e-44d9-a932-e49bab2022ce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 152
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=37ca7eae-6b59-4bb4-899d-65c41dee4e24&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 153
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=89362772558022773962178290293932144422&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 155
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7124907791208937627&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 156
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
Request Chain 157
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361&bounce=1&random=2344032872 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=t0YtRbu3VgP4pE3iwt4K2.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 158
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&cklb=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=
Request Chain 159
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 160
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-chGP545E2oo7rKIOy9_JrA_RF1b2fepeaQ--~A&zpartnerid=570&env=mWeb
Request Chain 161
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H8u0Qh%2BBqQywk75d2gmnJAs%2BS41iYitP1U%3D
Request Chain 165
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361&_test=YuDB4wAB5yVJiwBC HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YuDB4wAB5yVJiwBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&_test=YuDB4wAB5yVJiwBC
Request Chain 167
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O-0jX5qc&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
Request Chain 168
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&dcc=t
Request Chain 170
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Request Chain 202
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Request Chain 203
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Request Chain 206
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Request Chain 208
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
Request Chain 210
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Request Chain 211
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658896867636 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1941149148
Request Chain 212
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
Request Chain 213
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Request Chain 215
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 233
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Request Chain 234
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 241
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Request Chain 242
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 255
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3Dff1b8035-0c02-4639-4c18-a6218975f999%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=ff1b8035-0c02-4639-4c18-a6218975f999&zdid=1361
Request Chain 265
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3Deb348fee-9aa0-40a1-5dce-7b09c32606b9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=eb348fee-9aa0-40a1-5dce-7b09c32606b9&zdid=1361
Request Chain 289
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 301
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Request Chain 303
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7428937989
Request Chain 304
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
Request Chain 306
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
Request Chain 308
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Request Chain 310
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Request Chain 312
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Request Chain 313
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
Request Chain 317
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDB42scgN9aRkmS8KfOggAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECwQ7Syb8hL4OomX9lpQesc&google_cver=1
Request Chain 319
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUzNzc0MjM1MTE1Njg0Njk5Mw%3D%3D
Request Chain 326
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
Request Chain 331
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Request Chain 333
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 342
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145716/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D3279755405%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1658896867%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1658896867117%26bpp%3D4%26bdt%3D409%26idt%3D273%26shv%3Dr20220725%26mjsv%3Dm202207190101%26ptt%3D9%26saldr%3Daa%26correlator%3D4550118251236%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D128748108.1658896866%26ga_sid%3D1658896866%26ga_hid%3D1143662830%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44763506%252C44769950%252C42531605%26oid%3D2%26pvsid%3D4094496418611775%26tmod%3D959607230%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.63jf67lsnky5%26fsb%3D1%26dtd%3D288&adsafe_type=d&adsafe_jsinfo=,id:8aa3631c-6fde-7688-41c7-ce90555ff63f,c:jxvzGh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-88cbdf49d-tvwbx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:48,oid:54d3df6b-0d66-11ed-a3e1-de57bc6e77c9,v:19.8.333,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6lSRXJ9vKRM-ZhEelWl3-IA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6lSRXJ9vKRM-ZhEelWl3-IA&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 356
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4260939382344949487 HTTP 302
  • https://a.audrte.com/p
Request Chain 360
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3Da7954610-172d-42b3-5383-31e336b03e9b%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=a7954610-172d-42b3-5383-31e336b03e9b&zdid=1361
Request Chain 374
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 378
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1314255100305827079 HTTP 302
  • https://a.audrte.com/p
Request Chain 380
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6cD9zjcUfSMi4aav6IOerjg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6cD9zjcUfSMi4aav6IOerjg&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 382
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5321987192594941898 HTTP 302
  • https://a.audrte.com/p
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 417
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5321987192594941898 HTTP 302
  • https://a.audrte.com/p
Request Chain 428
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPpiNSyrDDPbp4Pzk_0atRE&google_cver=1&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k&google_hm=Q0FFU0VQcGlOU3lyRERQYnA0UHprXzBhdFJF
Request Chain 429
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Az3iHlvcqQ50MEM-gmXaKg45FTdsMEpi8rv4ZyeLi7PKRcwChmrJIOPWp8fDAASKZdhzNlnZIyl2KBuyQImbLksASntAs&google_gid=CAESEFF3RqtF-H_TkjJXEke6c0g&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOWDg5cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRBejNpSGx2Y3FRNTBNRU0tZ21YYUtnNDVGVGRzTUVwaThydjRaeWVMaTdQS1Jjd0NobXJKSU9QV3A4ZkRBQVNLWmRoek5sblpJeWwyS0J1eVFJbWJMa3NBU250QXM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRGtNbXBFUExfY1RJQUZvSXIzTVVMVmZhSXluVmVXS2FsV3loRTRxNFY4Zw==&google_push
Request Chain 432
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJDNmq6uobREEy4Oce_5tD0&google_cver=1&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfWI2k4I_RBqUS0xbxPY2cxvKPCL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzNEQ0QzgtMVItMldRNA==&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfWI2k4I_RBqUS0xbxPY2cxvKPCL
Request Chain 433
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_cver=1&google_push=AehlK4AwJ7TTQQaqWARPSErTKI_ZtNWndHpuiWg9C8CwqKf1K5YRCPA0zFPjrW6jz_5P17qL8vaqdHGVrFNaH2WZLysv-PSIQtzi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_hm=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB&google_nid=index&google_push=AehlK4AwJ7TTQQaqWARPSErTKI_ZtNWndHpuiWg9C8CwqKf1K5YRCPA0zFPjrW6jz_5P17qL8vaqdHGVrFNaH2WZLysv-PSIQtzi
Request Chain 469
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5321987192594941898
Request Chain 470
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe

479 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zdorovia.com.ua/
88 KB
23 KB
Document
General
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
ae4511843102b233e7457ded5add74266fac47cf86d59e3ce73777569ead891d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Wed, 27 Jul 2022 04:41:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
38 KB
39 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Fri, 26 Aug 2022 04:41:05 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/
27 KB
27 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Fri, 26 Aug 2022 04:41:05 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
267 KB
267 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Fri, 26 Aug 2022 04:41:05 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/
12 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Fri, 26 Aug 2022 04:41:05 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/
64 KB
64 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Fri, 26 Aug 2022 04:41:05 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 21 Jul 2022 09:22:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
501502
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30082
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 21 Jul 2023 09:22:43 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/
4 KB
5 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Fri, 26 Aug 2022 04:41:05 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/
16 KB
16 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Fri, 26 Aug 2022 04:41:05 GMT
media.js
zdorovia.com.ua/templates/default3/js/
0
0
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/
13 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Fri, 26 Aug 2022 04:41:05 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/
7 KB
8 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Fri, 26 Aug 2022 04:41:05 GMT
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-27T03:34:18+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 19 May 2022 22:41:52 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-27T04:33:28+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:25 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/
2 KB
2 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Fri, 26 Aug 2022 04:41:06 GMT
01000gqr-iss.jpeg
zdorovia.com.ua/uploads/dsn/3d/d4/001/
21 KB
21 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/3d/d4/001/01000gqr-iss.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
9e4f4ae0958978d17fd321121918339d973f55992576b3192fba28d1047df4b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 25 Jul 2022 07:55:37 GMT
Server
nginx/1.12.1
ETag
"62de4c79-546f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21615
Expires
Fri, 26 Aug 2022 04:41:06 GMT
b85d14b0f4c7d3fb700dac03e99bee33db76a2261.jpg
zdorovia.com.ua/uploads/dsn/7d/26/001/
19 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/7d/26/001/b85d14b0f4c7d3fb700dac03e99bee33db76a2261.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5bae28411058bdc317781ecd7eab90fafa25c679a9eea8c325743547782f1feb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Fri, 22 Jul 2022 08:48:46 GMT
Server
nginx/1.12.1
ETag
"62da646e-4b9d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19357
Expires
Fri, 26 Aug 2022 04:41:06 GMT
00719d0ad446bb4c19231f089f18fa277556be6b1.jpg
zdorovia.com.ua/uploads/dsn/55/9b/001/
17 KB
17 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/55/9b/001/00719d0ad446bb4c19231f089f18fa277556be6b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2dc65860b89577cfe093a91964c5d8c0ca505f600e199b10ae4e034ff0cefbaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Thu, 21 Jul 2022 09:18:50 GMT
Server
nginx/1.12.1
ETag
"62d919fa-4277"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17015
Expires
Fri, 26 Aug 2022 04:41:06 GMT
doucmduc.jpg
zdorovia.com.ua/uploads/dsn/9c/ca/001/
11 KB
11 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/9c/ca/001/doucmduc.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
c17937534b79fd1af365f2e98e4d8262edcb89c02158dc71f54a3dbba8e643df

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 19 Jul 2022 14:37:36 GMT
Server
nginx/1.12.1
ETag
"62d6c1b0-2aa9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10921
Expires
Fri, 26 Aug 2022 04:41:06 GMT
f15292751a147b4f88daf10f4c5a94421.jpeg
zdorovia.com.ua/uploads/dsn/d2/aa/002/
11 KB
12 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d2/aa/002/f15292751a147b4f88daf10f4c5a94421.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
3c299d85c164bbdd6657d53566dd74cbc349508fc62a174f3674af234a8c0e2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 19 Jul 2022 07:43:13 GMT
Server
nginx/1.12.1
ETag
"62d66091-2d24"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11556
Expires
Fri, 26 Aug 2022 04:41:06 GMT
aux-head-1614344012-20210226_produkty_3601.jpg
zdorovia.com.ua/uploads/dsn/df/02/002/
25 KB
25 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/df/02/002/aux-head-1614344012-20210226_produkty_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
98152d185a09fed649566f5d43fc272b336d544a577d01475562388c6c697c8f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 18 Jul 2022 18:08:15 GMT
Server
nginx/1.12.1
ETag
"62d5a18f-63b6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25526
Expires
Fri, 26 Aug 2022 04:41:06 GMT
aux-head-1571144634-20191015_rabina_chai_3601.jpg
zdorovia.com.ua/uploads/dsn/1e/23/001/
20 KB
21 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/1e/23/001/aux-head-1571144634-20191015_rabina_chai_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
7d055a46ca72d163a1e5bf69108bd9fd0a2fb324bf17b2556c56f530f97a4279

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 17 Jul 2022 19:32:28 GMT
Server
nginx/1.12.1
ETag
"62d463cc-51b8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20920
Expires
Fri, 26 Aug 2022 04:41:06 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/
12 KB
13 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Fri, 26 Aug 2022 04:41:06 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/
29 KB
29 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Fri, 26 Aug 2022 04:41:06 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/
30 KB
30 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Fri, 26 Aug 2022 04:41:06 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/
24 KB
24 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Fri, 26 Aug 2022 04:41:06 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/
13 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Fri, 26 Aug 2022 04:41:06 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/
22 KB
22 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Fri, 26 Aug 2022 04:41:06 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Fri, 26 Aug 2022 04:41:06 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/
18 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Fri, 26 Aug 2022 04:41:06 GMT
shud.jpg
zdorovia.com.ua/uploads/dsn/9f/63/014/
16 KB
16 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/9f/63/014/shud.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Wed, 27 Jan 2021 13:56:56 GMT
Server
nginx/1.12.1
ETag
"60117128-3ff4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16372
Expires
Fri, 26 Aug 2022 04:41:06 GMT
5.jpg
zdorovia.com.ua/uploads/dsn/03/2b/055/
33 KB
34 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/03/2b/055/5.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Fri, 15 Jan 2021 10:50:41 GMT
Server
nginx/1.12.1
ETag
"60017381-84f8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34040
Expires
Fri, 26 Aug 2022 04:41:06 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/
15 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Fri, 26 Aug 2022 04:41:06 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/
12 KB
12 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Fri, 26 Aug 2022 04:41:06 GMT
0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
zdorovia.com.ua/uploads/dsn/c2/6d/002/
32 KB
33 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/c2/6d/002/0d3fa784b550cf7d1a6afe00dd81dafa1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Thu, 06 Jan 2022 20:09:55 GMT
Server
nginx/1.12.1
ETag
"61d74c93-814b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33099
Expires
Fri, 26 Aug 2022 04:41:06 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Fri, 26 Aug 2022 04:41:06 GMT
d8c527d-hlib1.jpg
zdorovia.com.ua/uploads/dsn/1b/55/004/
36 KB
37 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/1b/55/004/d8c527d-hlib1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sat, 02 Jul 2022 19:46:05 GMT
Server
nginx/1.12.1
ETag
"62c0a07d-91eb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37355
Expires
Fri, 26 Aug 2022 04:41:06 GMT
aoumi.jpg
zdorovia.com.ua/uploads/dsn/41/be/002/
19 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/41/be/002/aoumi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 18 Jul 2022 06:27:33 GMT
Server
nginx/1.12.1
ETag
"62d4fd55-4c5a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19546
Expires
Fri, 26 Aug 2022 04:41:06 GMT
193685.jpg
zdorovia.com.ua/uploads/dsn/37/34/001/
27 KB
27 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/37/34/001/193685.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f94e8a28820779ae32f6699ed4c41bb2197c32360bca72919a55d962db4acf04

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 04 Jul 2022 06:26:10 GMT
Server
nginx/1.12.1
ETag
"62c28802-6aef"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27375
Expires
Fri, 26 Aug 2022 04:41:06 GMT
ovsyanaya-kasha1.jpg
zdorovia.com.ua/uploads/dsn/d3/81/004/
31 KB
31 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/81/004/ovsyanaya-kasha1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 18 Jul 2022 18:33:46 GMT
Server
nginx/1.12.1
ETag
"62d5a78a-7c12"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31762
Expires
Fri, 26 Aug 2022 04:41:06 GMT
img_8304.jpg
zdorovia.com.ua/uploads/dsn/b4/45/002/
37 KB
37 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/b4/45/002/img_8304.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
abfde8fdf415962e66c31a475fa8c7929aba9bf645bf2218a08da2845817b16d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Wed, 29 Jun 2022 10:49:55 GMT
Server
nginx/1.12.1
ETag
"62bc2e53-93a1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37793
Expires
Fri, 26 Aug 2022 04:41:06 GMT
oduimi.jpg
zdorovia.com.ua/uploads/dsn/6d/d6/001/
37 KB
38 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/6d/d6/001/oduimi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dc7f27b7a0905f41416a9892af47f359c573062e9c28337f064aec8dd4af7563

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 26 Jul 2022 14:33:20 GMT
Server
nginx/1.12.1
ETag
"62dffb30-94d3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38099
Expires
Fri, 26 Aug 2022 04:41:06 GMT
evtkvp.jpg
zdorovia.com.ua/uploads/dsn/d6/eb/001/
22 KB
22 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d6/eb/001/evtkvp.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2ba588b46c39fc12e1b4abdd8bd8d8d4516c70259bd831017a8ecfff4a2ded72

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 26 Jul 2022 14:27:35 GMT
Server
nginx/1.12.1
ETag
"62dff9d7-58a4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22692
Expires
Fri, 26 Aug 2022 04:41:06 GMT
globe-and-books-near-sleeping-woman_23-21477673681.jpg
zdorovia.com.ua/uploads/dsn/e5/28/001/
27 KB
27 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/e5/28/001/globe-and-books-near-sleeping-woman_23-21477673681.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
615ca4edcb23412fc1922fde49764b75cb9ee4b407d294b1457ed0a2756ce172

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 26 Jul 2022 07:14:03 GMT
Server
nginx/1.12.1
ETag
"62df943b-6cac"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27820
Expires
Fri, 26 Aug 2022 04:41:06 GMT
vaiiv.jpg
zdorovia.com.ua/uploads/dsn/70/2f/003/
18 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/70/2f/003/vaiiv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
47ef0b9822d7e798569241487f9033007c1c1be9a37c957ab028674e26509e16

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 26 Jul 2022 14:05:14 GMT
Server
nginx/1.12.1
ETag
"62dff49a-49b8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18872
Expires
Fri, 26 Aug 2022 04:41:06 GMT
_viber_2021-08-05_18-30-30-6501.jpg
zdorovia.com.ua/uploads/dsn/06/db/001/
15 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/06/db/001/_viber_2021-08-05_18-30-30-6501.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4f83989b716d6a6ffa798e80070b0a157b5b74944b1e737b8a3a6e5037818339

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Mon, 18 Jul 2022 18:34:56 GMT
Server
nginx/1.12.1
ETag
"62d5a7d0-3af6"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15094
Expires
Fri, 26 Aug 2022 04:41:06 GMT
maxresdefault.jpg
zdorovia.com.ua/uploads/dsn/3f/b2/032/
23 KB
24 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/3f/b2/032/maxresdefault.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a9e56cd9fcf2b9999bbd4436073356b9acf7f0b8346f0ddff56d8a901092acb0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 17 Jul 2022 05:32:24 GMT
Server
nginx/1.12.1
ETag
"62d39ee8-5dda"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24026
Expires
Fri, 26 Aug 2022 04:41:06 GMT
uamus.jpg
zdorovia.com.ua/uploads/dsn/d7/c5/001/
34 KB
34 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d7/c5/001/uamus.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0101e0a81e77f6bfe990cc59ea481aab76f71b4eb6bc5c98dbb72640f2dfb07e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 17 Jul 2022 05:38:40 GMT
Server
nginx/1.12.1
ETag
"62d3a060-8877"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34935
Expires
Fri, 26 Aug 2022 04:41:06 GMT
izhlvmli.jpg
zdorovia.com.ua/uploads/dsn/84/dd/001/
15 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/84/dd/001/izhlvmli.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
65bb4826e8d4ae1e25cef5cb0fcf3567bc9f00fae362ddb01f55e6c51927f059

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 17 Jul 2022 05:45:00 GMT
Server
nginx/1.12.1
ETag
"62d3a1dc-3ae2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15074
Expires
Fri, 26 Aug 2022 04:41:06 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Fri, 26 Aug 2022 04:41:05 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:05 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Fri, 26 Aug 2022 04:41:05 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/
30 KB
31 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Fri, 26 Aug 2022 04:41:06 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Fri, 26 Aug 2022 04:41:06 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Fri, 26 Aug 2022 04:41:06 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/
13 KB
14 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Fri, 26 Aug 2022 04:41:06 GMT
3_1_3.png
i.i.ua/r/
2 KB
3 KB
Image
General
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
40612
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7312b3658defe59b-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Tue, 25 Jul 2023 04:01:59 GMT
logo
counter.yadro.ru/
672 B
896 B
Image
General
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Wed, 26 Jul 2023 21:00:00 GMT
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e70fd5a92bf2f07bc4c5eda8f8417411835f8a935b2cb5f73a922cad65cddead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 27 Jul 2022 04:41:06 GMT
vast.js
cdn.admixer.net/scripts3/r/
136 KB
37 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
fr5-up-gc33
Date
Wed, 27 Jul 2022 04:41:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-05-16T12:27:20+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Wed, 17 May 2023 12:27:20 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
  • https://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1085
date
Wed, 27 Jul 2022 04:23:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 27 Jul 2022 06:23:01 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.6056807839437848
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.6056807839437848
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 26 Jul 2021 21:00:00 GMT
s
r.i.ua/
43 B
852 B
Image
General
Full URL
http://r.i.ua/s?u152465&p0&n0.4592067684663472&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
7312b3657fa8549f-MAN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/
48 KB
48 KB
Image
General
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Fri, 26 Aug 2022 04:41:06 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Fri, 26 Aug 2022 04:41:06 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/
251 B
583 B
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Fri, 26 Aug 2022 04:41:06 GMT
link-arrow.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Fri, 26 Aug 2022 04:41:06 GMT
page.php
www.facebook.com/plugins/ Frame CA61
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20ebc17a69a3e036ac776ab4041caa9d4f828ab13bc99deaf94fbb667a77ab00
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 27 Jul 2022 04:41:06 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
8g+RRQDxbw9cFxImzOUKAddpf/au1Pz+GVGRPXP4/B6Z7Nf+3OS/3B9ma6KGXtIw/CT5zKvXaxWAcHuOftVDrQ==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n602991&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB
Image
General
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Sat, 30 Jul 2022 04:41:06 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
c.html
cdn.admixer.net/scripts3/46506/ Frame CFCB
738 B
519 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:06 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
a21031c0f6a0994b3314.b.js
scripts.go2net.com.ua/scripts3/46506/
23 KB
9 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-07-26T10:18:38+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 09:14:13 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.go2net.com.ua/scripts3/46506/
75 KB
20 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-07-26T08:48:11+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:33:23 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame 278A
738 B
405 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:06 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
ga-audiences
www.google.co.uk/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=594980137&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=594980137&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137
  • https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137&slf_rd=1&random=1877953135
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137&slf_rd=1&random=1877953135
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.co.uk/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=128748108.1658896866&jid=1207920485&_v=5.7.2&z=594980137&slf_rd=1&random=1877953135
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/5784b7e4/www-widgetapi.vflset/
160 KB
52 KB
Script
General
Full URL
https://www.youtube.com/s/player/5784b7e4/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db65bb29d620a66afff4559ffeed1349dc3654bbbe66092fc8a3177a09f65d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 00:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
14503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52722
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 00:16:47 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Jul 2023 00:39:23 GMT
dsp.aspx
ads.go2net.com.ua/
7 KB
3 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2133553332747559.8&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a7c5c8ae-4e2b-a18a-4fa5-d74c74c720ea%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22429190f3-f877-3d9c-09f2-f3667e07731f%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
91240a4d74195d51555316dc1a31aeea5d464e442a2e012ed35e57632098a203
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2098
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/
11 KB
4 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=2370533368579450.5&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2257c9313d-b049-df42-779b-ff20373587e1%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272426865-7a34-7c7e-da20-51a4f978feb2%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2263c90281-d9d2-f286-7c8f-438da5070800%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2275d81b58-6a8e-a574-0afd-602bb2c98fa5%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
78d43d3f6642730d780f587f964fc7265ef7641493a062f085bf3c83f6beedaf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3237
X-Xss-Protection
0
A1AToBweXDz.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame CA61
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/A1AToBweXDz.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1845729106131a090ae9aed41312d0aaa950e749f2d19773aace365576a3c76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
t/jTZ/VZGsCng+Kbqn+raA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4910
x-fb-rlafr
0
x-fb-debug
lRB1d/Fqt2lwgAYQaacsp2jwI67/xTLbsQ8hjJXlJeHTWBQ+RE9YQjs0sTCoVl79QOV2ujIn+j3LtBH78ssdnw==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 26 Jul 2023 15:49:10 GMT
branding.min.js
a4p.adpartner.pro/apstc/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 5944
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:06 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame E5AB
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=89805737921554770&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
06ad599e102d16aead6371fe12111f0639cd995fc0871dcc3c88bf79d6cdabce

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 04:41:06 GMT
server
nginx
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/46506/
28 KB
11 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-07-26T08:48:12+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:33:24 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/46506/
42 KB
18 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-07-26T08:48:12+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:33:24 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/46506/
13 KB
5 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-07-26T08:48:12+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:33:24 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/46506/
11 KB
4 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-07-26T08:48:12+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 07 Jul 2023 08:33:24 GMT
5927ef40e4a80e0040be.b.js
scripts.go2net.com.ua/scripts3/46506/
215 KB
74 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-07-26T12:00:55+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 09:22:28 GMT
cm.aspx
inv-nets.admixer.net/gadx/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_emea&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESELm-q8-IkrHLdELjrRfl62U&google_cver=1
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESELm-q8-IkrHLdELjrRfl62U&google_cver=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_emea&google_gid=CAESELm-q8-IkrHLdELjrRfl62U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZTgyNGUyNzBhZmIwNDI1NGI4M2U5YzE1ZjY3ODdmNTc=&google_cm=&google_tc=
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELZaozOVHofUAno6GGFmo1E&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
content-length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:06 GMT, Wed, 27 Jul 2022 04:41:06 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Wed, 27 Jul 2022 04:41:06 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=e824e270afb04254b83e9c15f6787f57
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3De824e270afb04254b83e9c15f6787f57
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3De824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
670af54f-095f-4c2f-81d5-aee02a1ff56e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:06 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
64226698-1f17-4793-be59-16cf7ee7c1ec
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3De824e270afb04254b83e9c15f6787f57
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEBWtSMxW6eoctq8ar3eJ3dE&google_cver=1
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
analytics.js
www.google-analytics.com/ Frame E5AB
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=89805737921554770&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2684
date
Wed, 27 Jul 2022 03:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 27 Jul 2022 05:56:22 GMT
branding
a4p.adpartner.pro/ Frame E5AB
1 KB
885 B
XHR
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=89805737921554770&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
b26f27bb79243e87a9b4c737ca3d6f8cfded9d03823a6a2e4413da9ed8d8395a

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=89805737921554770&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 2306
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-27T03:34:18+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 19 May 2022 22:41:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 557C
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19298322a945cdc2ebbb5a8c965cb28c587fa9a07ba7fc91985861bec759ef8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56665
x-xss-protection
0
server
cafe
etag
729287481244808908
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=ebefba94-646b-4503-b54d-9a30c64172aa&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9d104050-06f6-4747-9f07-576948c777f5&inst=ADS-EU-6&ts=637944936665393492&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=efef1cce-378e-4eb6-9921-0b0d7a0a4f41&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9d104050-06f6-4747-9f07-576948c777f5&inst=ADS-EU-6&ts=637944936665393492&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame AF51
962 KB
963 KB
Image
General
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 , Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Fri, 28 Jul 2023 04:41:07 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=17c29bd2-e2d9-45ab-8a25-e564a19eb497&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C1%2C490&ts=637944936665393492&ap=MA%3D%3D&asign=486856189&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=9d104050-06f6-4747-9f07-576948c777f5&ip=217.138.196.109&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame A296
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:06 GMT
expires
0
pragma
no-cache
server
nginx
media
a4p.adpartner.pro/ Frame 198A
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
/
onetag-sys.com/usync/ Frame 09E1
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2133553332747559.8&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a7c5c8ae-4e2b-a18a-4fa5-d74c74c720ea%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22429190f3-f877-3d9c-09f2-f3667e07731f%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 931A
3 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2133553332747559.8&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a7c5c8ae-4e2b-a18a-4fa5-d74c74c720ea%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22429190f3-f877-3d9c-09f2-f3667e07731f%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.207.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b0806c783ea9cd1c45094170b0f336e25ae67b2b7b130be18167f310f4135a60

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1258
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
X-Robots-Tag
noindex
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame E0D9
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
1 KB
968 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=2133553332747559.8&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a7c5c8ae-4e2b-a18a-4fa5-d74c74c720ea%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22429190f3-f877-3d9c-09f2-f3667e07731f%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
c27edad9d08cc1f4a0c405500156d44229522a0efd89305fcd1bb4d361cc2aa5

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:06 GMT
expires
Wed, 27 Jul 2022 04:41:06 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-745

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Wed, 27 Jul 2022 04:41:06 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-745
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=4dec00dd-ba16-4e69-bac8-a179bf10065d&hp=1048539382&page=zdorovia.com.ua%2F&pvid=6bddf706-01f9-4edf-adb7-0c95caa18dce&inst=ADS-EU-6&ts=637944936666741166&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:06 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
date
Wed, 27 Jul 2022 04:41:06 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=e824e270afb04254b83e9c15f6787f57&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=e824e270afb04254b83e9c15f6787f57&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=cead257a-d2aa-4ac9-b963-9ead2c2ed025
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=cead257a-d2aa-4ac9-b963-9ead2c2ed025
  • https://inv-nets.admixer.net/bs/cm.aspx?id=cead257a-d2aa-4ac9-b963-9ead2c2ed025&gdpr=&consent=&gdpr_pd=
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=cead257a-d2aa-4ac9-b963-9ead2c2ed025&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=cead257a-d2aa-4ac9-b963-9ead2c2ed025&gdpr=&consent=&gdpr_pd=
Date
Wed, 27 Jul 2022 04:41:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-NBsHaWBE2uHOcrD3r.U7hezXEYJTEvb60BDNexU-~A
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-NBsHaWBE2uHOcrD3r.U7hezXEYJTEvb60BDNexU-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-NBsHaWBE2uHOcrD3r.U7hezXEYJTEvb60BDNexU-~A
date
Wed, 27 Jul 2022 04:41:07 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
t.adx.opera.com/
35 B
463 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1px-matching-go2net.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
admixer-sync
rtb.com.ru/
0
240 B
Image
General
Full URL
https://rtb.com.ru/admixer-sync?uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3De824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-length
0
sync.html
s.console.adtarget.com.tr/
63 B
63 B
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:464:0:92e2:baff:fe11:5b68 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=e824e270afb04254b83e9c15f6787f57&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
idsync
idsync.admixer.co.kr/
43 B
904 B
Image
General
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27-Jul-2022 13:41:08 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=86f4d154-084d-52d0-8d70-f7cfef90362c
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=86f4d154-084d-52d0-8d70-f7cfef90362c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=86f4d154-084d-52d0-8d70-f7cfef90362c
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK3DpG7jX228CFXThUGmFCvghWDAff3%2Be8gNR1UwVUGpRrwSzrsqxgUisn%2BZDOtQZhX%2FNP1IqKaonjKQF2Z75KTX8PROOPU1%2BCc%2FemwYRcIw%2FBM6DA12g55m3yaNlZI%2F4heb3R7z4zgR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB
cache-control
no-cache
cf-ray
7312b36dea797529-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3De824e270afb0...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=54a05b8f-0d66-11ed-9b67-801844df0ab8
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dlemma
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d9f919bc-497f-49b8-b98f-8bee747d24d7&ssp=lemma
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=cead257a-d2aa-4ac9-b963-9ead2c2ed025
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=54a05b8f-0d66-11ed-9b67-801844df0ab8
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlemma%26expires%3D30%26user...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=86f4d154-084d-52d0-8d70-f7cfef90362c&ssp=lemma&expires=30&user_group=1&gdpr=&gdpr_consent=
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=cead257a-d2aa-4ac9-b963-9ead2c2ed025
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=e824e270afb04254b83e9c15f6787f5754a05b8f-0d66-11ed-9b67-801844df0ab8
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=e824e270afb04254b83e9c15f6787f5754a05b8f-0d66-11ed-9b67-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=e824e270afb04254b83e9c15f6787f5754a05b8f-0d66-11ed-9b67-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=e824e270afb04254b83e9c15f6787f57
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=e824e270afb04254b83e9c15f6787f57
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.59.9.119.168.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=e824e270afb04254b83e9c15f6787f57
date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
etag
W/"3bd3a01f6a6d05fc12fb3163f72cde6a2c5e8b56de28424f49b9fb8d35cb70aa"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z31D73EF08E74023BBA1A777E872F2E0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z31D73EF08E74023BBA1A777E872F2E0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z31D73EF08E74023BBA1A777E872F2E0&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=e824e270afb04254b83e9c15f6787f57
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
c.html
cdn.admixer.net/scripts3/46506/ Frame E83B
738 B
405 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:06 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Wed, 27 Jul 2022 04:41:06 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-07-27T03:34:18+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Thu, 19 May 2022 22:41:52 GMT
dsp.aspx
ads.go2net.com.ua/
7 KB
2 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4664817818377198&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%228b27fd66-17c0-4c98-3175-e3e2c3ba5bca%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22acc8e2bc-a8e4-af8f-c8f9-db997104c022%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
73292de6cdedb85b282697afecc1fff592592d043c0de5f479b8c0ea88c2571a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2066
X-Xss-Protection
0
c.html
cdn.admixer.net/scripts3/46506/ Frame 30C1
738 B
405 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:06 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:25 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc30
ptag
a.audrte.com/ Frame E0D9
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
47d536d82c051d394bbd52deb6886d69a895cc466d9fb6b19fa26a5a13a4d877

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame E0D9
566 B
521 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 26 Jul 2027 04:41:07 GMT
um
u-ams02.e-planning.net/ Frame E0D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1185be8d6f1055ff%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1185be8d6f1055ff&uid=3537742351156846993
42 B
104 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1185be8d6f1055ff&uid=3537742351156846993
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
86a1741d-10ff-4ec9-8ad5-29a6d30e9f87
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=1185be8d6f1055ff&uid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8897
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:07 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B1EE
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1185be8d6f1055ff%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F4A8
1 KB
987 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"61ddbb71-5f5"
expires
Mon, 21 Jun 2027 11:13:51 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
20.214
x-cf-tsc
1655896432
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 75AE
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 504C
7 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c281da6b715106cdd1cabe0b633695548b9a42a72c38d1dbd7c92a60292451c0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7312b36b2dac2325-ZRH
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
media.min.js
a4p.adpartner.pro/apstc/ Frame 198A
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 1A6C
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 4E85
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
805a1011538d81274d5136104e9bcd6428d920bf094952b6ee11eb0695c3ca6d

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame B1EE
0
42 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98836301&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1185be8d6f1055ff%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:05 GMT
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame 557C
338 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6abd959d0250636ae8a8cd0367eeaefdcb459b3f1fa9a5636e9ba16aabbff08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121849
x-xss-protection
0
server
cafe
etag
5502360884321581370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/ Frame D55F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220725/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
33307
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 19:26:00 GMT
etag
8616628553774171045
expires
Tue, 09 Aug 2022 19:26:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getuid
ib.adnxs.com/ Frame 504C
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 504C
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=f4a8c53e-575e-44d9-a932-e49bab2022ce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=f4a8c53e-575e-44d9-a932-e49bab2022ce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36d3f6d2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=f4a8c53e-575e-44d9-a932-e49bab2022ce&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 504C
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 504C
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 504C
0
163 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 varnish
server
nginx
x-timer
S1658896867.330675,VS0,VE24
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6949-MXP
u
dmp.v.fwmrm.net/ad/ Frame 504C
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:8513:7dd7:332b:6625 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 504C
0
163 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b2a3-ace6-4819-5acb-3f64edbc7f34%26reqId%3D0747de5b-3532-46c4-7efa-d5a09ffa9ce2%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=37ca7eae-6b59-4bb4-899d-65c41dee4e24&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=37ca7eae-6b59-4bb4-899d-65c41dee4e24&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36dcfda2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=37ca7eae-6b59-4bb4-899d-65c41dee4e24&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=89362772558022773962178290293932144422&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=89362772558022773962178290293932144422&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36d7faa2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v037-008053939.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+ylkhcDNTLM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=89362772558022773962178290293932144422&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 504C
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7124907791208937627&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-...
95 B
181 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7124907791208937627&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36d1f5d2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7124907791208937627&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 504C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=t0YtRbu3VgP4pE3iwt4K2.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=t0YtRbu3VgP4pE3iwt4K2.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36e383a2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:06 GMT
via
1.1 google
last-modified
Wed, 27 Jul 2022 04:41:07 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=t0YtRbu3VgP4pE3iwt4K2.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https://mwzeom.zeotap.com/mw?cid=[sas_uid]&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb...
  • https://mwzeom.zeotap.com/mw?cid=
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36e58542325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=
pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7ef...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36e98972325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.30.192
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-chGP545E2oo7rKIOy9_JrA_RF1b2fepeaQ--~A&zpartnerid=570&env=mWeb
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-chGP545E2oo7rKIOy9_JrA_RF1b2fepeaQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36e182b2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-chGP545E2oo7rKIOy9_JrA_RF1b2fepeaQ--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=GBR&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H8u0Qh%2BBqQywk75d2gmnJAs%2BS41iYitP1U%3D
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H8u0Qh%2BBqQywk75d2gmnJAs%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36e383b2325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=GBR&zdid=1361&cid=WCJJIPin6H8u0Qh%2BBqQywk75d2gmnJAs%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 504C
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 504C
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-135-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1658896867
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 504C
95 B
359 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YuDB4wAB5yVJiwBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YuDB4wAB5yVJiwBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&_test=YuDB4wAB5yVJiwBC
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b3702a162325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658896868.807969,VS0,VE0
x-served-by
cache-lcy19281-LCY
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YuDB4wAB5yVJiwBC&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&_test=YuDB4wAB5yVJiwBC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame 504C
0
209 B
Image
General
Full URL
https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-82.fra56.r.cloudfront.net
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 d04699b52d8873377c4b5f4e7dcf7068.cloudfront.net (CloudFront)
server
nginx/1.20.1
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
LliOuyP1r9Eh8yv8Tvi_6TTPuIbLuvzXXCdmDvq9azWHMflloZCJSQ==
x-cache
Miss from cloudfront
usermatch.gif
beacon.krxd.net/ Frame 504C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=O-0jX5qc&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
63.34.135.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-135-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1658896868
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 27 Jul 2022 04:41:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=92c0b2a3-ace6-4819-5acb-3f64edbc7f34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b370eac62325-ZRH
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 504C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5ac...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5ac...
43 B
645 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4CY52A0A5YYM9MCQN3WN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZKXDNVJG1HX9D8BJVD7K
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 504C
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 504C
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b36ff9e52325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
date
Wed, 27 Jul 2022 04:41:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
media
a4p.adpartner.pro/ Frame 4E85
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
12105b01aca286674473ef81914ba4eb7fd909dda547d2ebbd08457c676e5cc0

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame 674B
3 KB
1 KB
Document
General
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_89805737921554770&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D9838958080da5663594fc72f1f777da3
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 3977
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 4A99
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e2c7ef85-27fe-4daa-ba36-04426f4dcd3a%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
0
pragma
no-cache
server
nginx
usync.js
eus.rubiconproject.com/ Frame 8897
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20738
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 674B
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_89805737921554770&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D9838958080da5663594fc72f1f777da3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15ef0c65aa8be19d5d1d5333830902a485b3441608d24efb884353da154f5b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40083
x-xss-protection
0
server
cafe
etag
10455958532076305556
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
khaos.jpg
token.rubiconproject.com/ Frame 8897
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame EEE1
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa87056c1-ba30-482e-bd7e-9604ce87bfac%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiYTg3MDU2YzEtYmEzMC00ODJlLWJkN2UtOTYwNGNlODdiZmFjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D5338717df765d55432ced9be2ccd0ff7&showId=a87056c1-ba30-482e-bd7e-9604ce87bfac&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 9AD6
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
0
pragma
no-cache
server
nginx
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame 674B
338 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa2ce7b565d7437dd4fc2c2c904e40d206143b6a6097ec5a05d25faf581c8f2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121835
x-xss-protection
0
server
cafe
etag
8927671276667516283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
if
a4p.adpartner.pro/tracker/ Frame 47CE
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522a87056c1-ba30-482e-bd7e-9604ce87bfac%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
0
pragma
no-cache
server
nginx
cookie.js
partner.googleadservices.com/gampad/ Frame 557C
219 B
651 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
3beb702f860a08faa2be7fc4848a398dba0aa23844a10f8609ec3f763dae056d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
207
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 557C
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 557C
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 38AC
20 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e370949487f77f4ce81d2362b4a745cdad2832c5cc6c0aaa30838dd2969a7f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
10854
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 557C
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220725&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
088cfd4fab0da3f8535130139894c89cd842378da04544ee086e963222b8a95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10835
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame EEE1
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Fa87056c1-ba30-482e-bd7e-9604ce87bfac%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiYTg3MDU2YzEtYmEzMC00ODJlLWJkN2UtOTYwNGNlODdiZmFjIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D5338717df765d55432ced9be2ccd0ff7&showId=a87056c1-ba30-482e-bd7e-9604ce87bfac&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cf5de057e5fcf37209325a8d4f4a650209ef357c4ede29f44f46d51c5c9936b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40087
x-xss-protection
0
server
cafe
etag
1071907866567485100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame E0D9
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 20:08:41 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
30747
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
m4A9lrVFXLL1HnUHvUfvePOtYbjqt1BXNXTnfGDm403XSYw55HHmGQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame AC74
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"601b131c-27c"
expires
Mon, 26 Jul 2027 04:41:07 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame E41B
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABmS-bqVGTUX0usZ
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 27 Jul 2022 04:41:07 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 674B
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 674B
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EE55
79 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c11a7a39d795e0b853aeffb18440dc46617aef68582804bf60bc76caccc9178b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
30424
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 79F8
79 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bea0360538ea5b54559595972ddd9b73a5214ef99396878a920bb5595265b95c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
30499
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8897
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
GS.d
js.cookieless-data.com/ Frame AC74
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658896867516
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/ Frame AF51
962 KB
963 KB
Image
General
Full URL
https://content.admixer.net/test1/b9302d1f-8813-4b01-bc1e-b35b3abf1984/33ed3ee9-5008-4a55-8fac-ee7027ef5e1a.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
185.46.149.20 , Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS
185-46-149-20.net.gigatrans.ua
Software
nginx /
Resource Hash
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 05 Jul 2022 13:58:02 GMT
Server
nginx
ETag
"62c4436a-f09be"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
content-range
Cache-Control
max-age=31622400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
985534
Expires
Fri, 28 Jul 2023 04:41:07 GMT
sync.html
s.adtelligent.com/ Frame E469
1 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.207.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
781
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0997
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame B9C2
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 2D05
1 KB
1004 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:464:0:92e2:baff:fe11:5b68 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 70C2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
0
407 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:07 GMT
Etag
e1e041f8848158a6
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7312b36ef9152325-ZRH
content-length
0
date
Wed, 27 Jul 2022 04:41:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
server
cloudflare
csync
sync.adtelligent.com/ Frame 7494
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
0
390 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:07 GMT
Etag
e1e041f8848158a6
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
423c5fe9-99d0-4ecc-8655-0335e3828e80
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
ads.us.e-planning.net/uspd/1/ Frame 96BD
1 KB
847 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ad054d7a20f50c7a7554bb6bc954e76da8c7bbe43d499aaa6e3c6fbe903d7944

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-745
d
ic.tynt.com/r/ Frame 4E02
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame 931A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
0
390 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
e1e041f8848158a6
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
e9e1a8ef-b949-45d9-8795-13cd92769cdd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
vid.vidoomy.com/ Frame 931A
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

csync
sync.adtelligent.com/ Frame 931A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
e1e041f8848158a6
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
17siju3ogppnv9cjqie478v0m122mr8m
pixel
ap.lijit.com/ Frame 931A
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 931A
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
e1e041f8848158a6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame 931A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1658896867636
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1941149148
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1941149148
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
RX8b10a03256fb4862a90540bcb2a4f76c003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1941149148
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 931A
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
e1e041f8848158a6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
date
Wed, 27 Jul 2022 04:41:07 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 931A
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
0
403 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame EEE1
338 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e2b746bc7d2ab132d36c20d63e4cd2cfb10d91fbf9322cd4a05c15050b8b976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121852
x-xss-protection
0
server
cafe
etag
1494534945390552919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:07 GMT
media
a4p.adpartner.pro/ Frame 0CBF
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
sync
t.adx.opera.com/
35 B
375 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cm-notify
creativecdn.com/
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT, Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=533&code=e824e270afb04254b83e9c15f6787f57
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b4b120a-bd1b-4cbe-ab75-f08672daef78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=e824e270afb04254b83e9c15f6787f57&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
onetag-sys.com/usync/ Frame 4F8A
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4664817818377198&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%228b27fd66-17c0-4c98-3175-e3e2c3ba5bca%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22acc8e2bc-a8e4-af8f-c8f9-db997104c022%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 56D1
3 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4664817818377198&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%228b27fd66-17c0-4c98-3175-e3e2c3ba5bca%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22acc8e2bc-a8e4-af8f-c8f9-db997104c022%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.207.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e289e12a00971b53287bb4ca068d74e259157372d5ed5051f32fec59559eafbf

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1272
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
X-Robots-Tag
noindex
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 61F4
1 KB
874 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=4664817818377198&cpv=07191512-bab5-b302-dc5d-52c32cbe8e94&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%228b27fd66-17c0-4c98-3175-e3e2c3ba5bca%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22acc8e2bc-a8e4-af8f-c8f9-db997104c022%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5e6dc903eea7912a86fe1321cdb1428d931d39dc75adeec77e40cb07f5aae611

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-745
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=202ba545-8531-42bd-97ae-bc52abf98c7a&hp=1048539382&page=zdorovia.com.ua%2F&pvid=6bddf706-01f9-4edf-adb7-0c95caa18dce&inst=ADS-EU-6&ts=637944936675028138&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
admixer-sync
rtb.com.ru/
0
240 B
Image
General
Full URL
https://rtb.com.ru/admixer-sync?uid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:06 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3De824e270afb04254b83e9c15f6787f57
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 557C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:07 GMT
ptag
a.audrte.com/ Frame 96BD
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
47d536d82c051d394bbd52deb6886d69a895cc466d9fb6b19fa26a5a13a4d877

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 96BD
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 26 Jul 2027 04:41:07 GMT
um
u-ams02.e-planning.net/ Frame 96BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fbb5225d-3897-462e-a16e-80d98febaf3f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 13A2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:07 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6C3A
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F6F8
1 KB
987 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"61ddbb71-5f5"
expires
Mon, 21 Jun 2027 11:13:51 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
20.214
x-cf-tsc
1655896432
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame FD5C
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A5AD
322 B
664 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99911641549a16137cd83a30cf1769beb4cb0b3ee2e94506bfdd0fa8e537545

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7312b36ed8f22325-ZRH
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
ptag
a.audrte.com/ Frame 61F4
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
47d536d82c051d394bbd52deb6886d69a895cc466d9fb6b19fa26a5a13a4d877

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 61F4
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 26 Jul 2027 04:41:07 GMT
um
u-ams02.e-planning.net/ Frame 61F4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1651c32c-59ae-4658-8dd7-eae00a446006
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame FFC2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:07 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CE6
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D268
1 KB
987 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"61ddbb71-5f5"
expires
Mon, 21 Jun 2027 11:13:51 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
20.214
x-cf-tsc
1655896432
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame F5B7
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 5A65
322 B
676 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613c912db17259db955bdaaaa31857512b40a64f5fcbccd67c608bbd9ce1a79c

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7312b36ef90a2325-ZRH
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
integrator.js
adservice.google.co.uk/adsid/ Frame EEE1
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EEE1
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 412F
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820317&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867540&bpp=11&bdt=125&idt=122&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=1398804408309&frm=8&ife=1&pv=2&ga_vid=1084366611.1658896868&ga_sid=1658896868&ga_hid=1842642287&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1915221423&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763506%2C31067983%2C31068562%2C44769950&oid=2&pvsid=148654356446242&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.z97diytet2o2&fsb=1&dtd=140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=efef1cce-378e-4eb6-9921-0b0d7a0a4f41&hp=1048539382&page=zdorovia.com.ua%2F&pvid=9d104050-06f6-4747-9f07-576948c777f5&inst=ADS-EU-6&ts=637944936665393492&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=e824e270afb04254b83e9c15f6787f57&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&device=28&rule=AC37E472-A7BC-417C-9557-81E776BB6B82&requestId=17c29bd2-e2d9-45ab-8a25-e564a19eb497&hp=1048539382&page=zdorovia.com.ua%2F&segments=5%2C1%2C490&ts=637944936665393492&ap=MA%3D%3D&asign=486856189&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&sync=88&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=5D3CBAA6-D0E0-46E1-BCB3-F86C6C80C2F1&inst=ADS-EU-6&pxl=0&pvid=9d104050-06f6-4747-9f07-576948c777f5&ip=217.138.196.109&item=58A999AB-FCB6-49A0-8F11-2519D7D53A56&crid=58A999AB-FCB6-49A0-8F11-2519D7D53A56&size=300x250&profile=01AC75C7-DAC0-4514-9393-6F973B39E04C&isopt=0&adv=N%2FA&dsp=Admixer+Display&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fbattlefront.vogue.ua%2Fen&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0&hold=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
mw
mwzeom.zeotap.com/ Frame A5AD
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=ff1b8035-0c02-4639-4c18-a6218975f999&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=ff1b8035-0c02-4639-4c18-a6218975f999&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b3705a432325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=ff1b8035-0c02-4639-4c18-a6218975f999&zdid=1361
date
Wed, 27 Jul 2022 04:41:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
usync.js
eus.rubiconproject.com/ Frame 13A2
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20738
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38AC
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AvNgxgFeAb7LjeKNoXki6FHR8pKyPpOhlm1stzyljg99ji-IWl_z6ME0Ys3fhkWWTKlhCv3xQRf_6KrUixmf40H5wInbMZjlVANjvKBekbpwDka8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145716/dcm/ Frame 38AC
228 KB
70 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1043867/63145716/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.3.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-3-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
107a950e115d98f1054b2fc923ab82288792271f81827d87cee62271f171d719

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame 38AC
47 KB
13 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=52321546355&placementId=424694235&dealId=549644393847897261&adsafe_par&impId=ABAjH0jckQt4xLYtcR3q26IJWiKt&bidurl=http://zdorovia.com.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.145.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-145-3.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
495424ded4cac179a7c8c091f35faa36b36c1a42c29d8e92b928ad023dec538a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 38AC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2375
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:01:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 38AC
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7476
x-xss-protection
0
server
cafe
etag
17790590548613106194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:28:08 GMT
l
www.google.com/ads/measurement/ Frame 38AC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7Zw4JSJlow4zj0ZrVc5U1uQn6JnXjOU9_DFwXgi3LdVO8N27R3otBvqkKaQzUIGkJfD9Bh9v3a0jKCQL6qtHVzW7lxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38AC
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:07 GMT
mw
mwzeom.zeotap.com/ Frame 5A65
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=eb348fee-9aa0-40a1-5dce-7b09c32606b9&zdid=1361
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=eb348fee-9aa0-40a1-5dce-7b09c32606b9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b3707a572325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=eb348fee-9aa0-40a1-5dce-7b09c32606b9&zdid=1361
date
Wed, 27 Jul 2022 04:41:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
media.min.js
a4p.adpartner.pro/apstc/ Frame 0CBF
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
last-modified
Tue, 15 Mar 2022 16:47:24 GMT
server
nginx
content-encoding
br
etag
W/"6230c31c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 489A
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:08 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 0101
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
a617d51244d828daed8863ee87b550f26372937a064b6e151414c8e30265d338

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 27 Jul 2022 04:41:07 GMT
server
nginx
usync.js
eus.rubiconproject.com/ Frame FFC2
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20738
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame EE55
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:34:26 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame EE55
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9370
x-xss-protection
0
server
cafe
etag
6407886451032183137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:27:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame EE55
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 03:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 03:54:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE55
138 KB
42 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame EE55
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7476
x-xss-protection
0
server
cafe
etag
17790590548613106194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:28:08 GMT
l
www.google.com/ads/measurement/ Frame EE55
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlTeFhybmNIuL6MwJCXvNAY7VbF2mtTmQhk0vQUmdW_pPQz5UlBR1-OSWejOvt90Si2f-CNTt4RWkbjk1d0O3i8AtowQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ab4c532c1fbaba50606c7d3c45560ace.js
www.gstatic.com/mysidia/ Frame EE55
30 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 23:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12814
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 22:37:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Oct 2022 23:14:02 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5DF5
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 38AC
27 KB
16 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An6hm0HacVe_d9TxxPFh-iOh2Ely3ZPyWtsOCNBCPN3fNxfj1AGwpTEt2qopbjETwpXB6mbsmS33wT3GpKf6zii3K1Z59w5y9GO0rX7Q2ApWN9S3szpgOC9EPbCZ0Vu4OuZA0DeCe_4RMRShGJQojoU-zz2g&cry=1&dbm_d=AKAmf-Dx4tS9qRpA7jDUmBxMZzZkezbyxY8LoHU2PcmavpxXwCDRuvSPA-IYbofxiXC6bJu4KKBmr7-7jlXrbjrtGxcq7G2H7EaggavqNuvBh69Q4mOorwLUT57M8A9GiSeXXuSJHl8tMJCWxWt1O0oVGiyP7A-AFcVwfIC45VGfzJ7dvX7zpRLkZDZWDlaio7uM172bq4kfiTjYkEPol1e51sP7UQkkwN1j44ZaWa1LQI-lV0NmkcsuXskQj_5Kh9LDxYXV9TfTEYVqqX6ihcRT3TLnK5PTrhbMu57nZNBOp4kkj7VFcBPO3tSNeRlAyOCRXHPWwgodq1ejXXSm2ii6AyBJD1ux96noKaUZUjoykpD6u3WwxJIezUfLwDUzGD4zvSW9A7Nw7IJbHbiOHTi5hV8KwiGbzGdWmVJkksznWWrx1PEq8kpiYjMyBFfWTnVftLdeB6xjtPWpLau6EiYT840S90QpO0ySTKKaQJfy9CK-S4KNVeE2rVC_aK9QLAXxk1KN3QjzO8X3OSF80o7P3YDGgWSv_n59CQ_StqDTq9xqFnoGJORsSGFpovid7VZQaVGe02kYz6l5YfGCBZkk6sGpIfR8f90ZDT4S__qGl6hQN7k1oL-2ioXRJ5FFr8Eyf7xTvqOiaLjzQAcKB6WlUfMBWLFmL8sAgER8X5aCqNsvFQB68UlAOJe_MEXO3TJK2i18-lrOlmRnMwkw14C3opzsQX0Wfn9lC-SrvMFrCLHz2MaDgYH-BqIegMv8gamV579RMI-LkW58BHa2yYZc-AEkOxCbRz5t7witxKE-F6_ilSo1iUYXHr7VH4YEPRaLa_KaZYblGZqhuWuD3NjbjCSlWIhCIAx8BePdxZ574cvK1lTWCXXyAeI7FU4FD-NPHcUacBI-n65BuKgB5FmyYnlDDoNVBRq46q5ZDYo0pEGVSbhwbqMKWLekkF3lwECcNsscASHYvTKEM30nbMqkuaxUqfjEFERZ_eDbSDOQILR9ilPut3KD70rI7BqPAliv3XdcU8JaFtZCkwREgh4EB5Z_NcypfnZc1mGkx2I0XQaqbB1uD6CrmLDfxqj62oPRwP8KSGOZwbRmSACk5BE9ergjX-40TZJdl3EZqEfhYsJrlhChZOIuBBis1uLjMTtyQ2ggD5kzQKnHOZ-uq-ZbVdKDmy9fHzaP4gQvz0KVUDmEhqIqeIktMZI4bbzspql4sW_Zo0n6bqiKsSbjU6Kz1bImSo2jivIavPDQcauTB-KVWduGA70xgg2XgIxP0U6IcRVaYEttkVVmTlHcIT39c5gRpE45RDw6Q6sW5Yz1c7xEX770YaomSh-Nx_wp01rUbSPuc4fcgJ93mDXxeLkwm27nsTp_BOXCUCRkHJ14uj2fGvq2DVEZw5YvDw1jUp_AzM5F9CHOHlK8HGIxA5sQlROQ_mmoUZWfOwJZ3jNLUGZwQcwO8zUizQwbaLDGOBzUwQPX5hOAEubomHsdzCE_swK2kaIe3JO8BHe4kBAMFmiLgVcb7EKObDbUPSQ-8PHh0rwGJDlsdFvtfyujrRdKCJcgw2UB9gM1FuC_i83l58o9dgMsGkbTo6HBl8w7uXydphyrpX1yGgLDi-gBBetQe0TmadDJtS8U4kf_uns1RcjUMCSd3tZL9AA2nVvmMP8uNvBWxslC3kUVaOIzOARdo1yzr9JVk6XtdmvyTOvHmOWMbIRf98h5Z_GaRyReYHi0jg9GSiwXFbNcLt93uNCwHY5peNrkPPeQwMzHT68IbI__Vkg0fxHddm9Kg9PXZ_DJUNhxAk2lL7ZggYLhXo1VlBZIY6FOv1nYNKy_SKnQaB0nT_zkgMIZzQ6AgnLqYv93OZQ5iXoT_0ajf9i29qojNBWlh0BKlTpTeCuOx5FAOVzxXo1BgjqGxS92eDnoIfFeJvaYd_oNZghFHfOBAk9bYSKRVpSfjjwAp_aTrzMgN3TWuUbx-DqCvFAlvs6sItrpwCYAwhjcbjYIrHgex2tg2ZIyAiv7vd1-9KlceM9IGdEr1JtthFi5NFruiFqNZWdNsH41ZS5n28MqK2xDikj8t_UzfADMVCzI76GBOr8keHYZBmtwOU0YBcKNVx3_azRr0jN8o0US-dxkxqgylAl_IYpWwYICsOS3RGsWyYmCJkDY-7vUirOK8PqY1JZTOxKhOJh73Q6trEyuK7zqgj9_DbOO6bZ34cbx_YnaSG5uphKRme7ECAoNOBwwxe6DP7tc56Ko3KcprBgt5jkSyYgzAqKi-LMaicHbRygsUrFqE25hA2XQ3zYZEo-8KhtGeNeKdX-sjCgpp6EAvQVR5Z1GGhHlHZWccX_py1jsLfrX7gnVSvz8rrbjU0S9qrxotvUGNPFdr-VGmSaLLJyV1SLwo9At7YIdhJVUzIYaHEZnDbmbHl7VvG4juauYuZ08tpLBZgL63ydv5qU0iDkxdppSV8mgW6yTBHNkK9vVfVyZBBfqt0FbX_XtdtP37D1MSnYqu1mlZ4lqNXaZ-ccyIBoFguhXFYgxF91Rxx5n6f76G7RQdZhvLLnC99v0iM_6XKQEgFG1pLMZJzb112kqfTufsz8oUzf-ji-UG11VqHlpp42KpObTEZhgXdHeiCBAfNr_9PuAhRivM2l7Ty4oM-X00J2MO1F2u0Ek5m2v0sHDipG_bFh7zgQyeqWQRFH9bHWLOQnJhlkphv1nYWCqnzGTkrW_RIhmNepOqh5lCSrqp_dk6vQeOWaslFYaY2_KSNdq557udrf1W_lI2n3VF0zXNRSZSPWTAVgQucCNo9pCdnteLQ9Bxnj6CmYx_x0hGZJ5aT9XCFHJlLh4Qkd35vRUnuPkj96T9PCmcIsvwCip8RPlE1kNfAFKnS71ptUJgtJJcfGkUqgMO51DW6aSJMJiPCpbjaQvk89EidAil-joTsQ0rxa7EL44qz-TbD9-rEyKKyvhVCv0tW0Z2SujF9oVsAZOdB_FNum9sVSrfdWqfguQ9-7UdN-gFw0MPgVuPrE4gv2yDcCifYx_X8WtOFo03oxvNwrjEkLGF3p-4eCjsCISdESsAqMEgjOlIYEtHqBnbkHS5UBjmE_TU_JvehpoTI8erHRDI01WBsDZZ6KLaEHb2zq07252EyQxC5ZcWBwXR6LurgadeWzYRkEUF8X-RILngJa4klwSMUQjCir4PYU230r97bUOiDu-OUQz7siv1pY1vmdH19rKbhjPFT9-AQnjz88EEGSuJo2ydkgja2AmuI56hnu8BVt-XB73lon3CY4mw4dsO5ixQIe6G8HcEVb58KuiuwHv-SGlHczotuTRzGlWTHE&cid=CAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56b6ef07c6ed9066840f4d57d9390a9e2f5bd9c374db01a5609be23fd08f4529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16584
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 96BD
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 20:08:41 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
30747
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
jV3GWVyxmO5bhHcRGLIyBxcKlRLgs_M8WZuv9YgLVlO7GIdUDTaDvg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 332C
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"601b131c-27c"
expires
Mon, 26 Jul 2027 04:41:07 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame ED8C
0
387 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABmS-bqVGTUX0usZ
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:07 GMT
Etag
909b26b72718bd03
Server
VertaMedia 1.0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 79F8
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1178
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:21:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame 79F8
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9370
x-xss-protection
0
server
cafe
etag
6407886451032183137
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:27:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 79F8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 03:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 03:54:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 79F8
138 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43394
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658749242091060"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/ Frame 79F8
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220725/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7476
x-xss-protection
0
server
cafe
etag
17790590548613106194
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:28:08 GMT
l
www.google.com/ads/measurement/ Frame 79F8
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ93I1DBZGu4Y6zNMR91puXeR2OHIPG2V7uxlsQ3nL3ZaXWvEMxaa1Z87mDt-1Y_wuc_BTy-aUsxFcWO6MIuXtEdbuDpA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ab4c532c1fbaba50606c7d3c45560ace.js
www.gstatic.com/mysidia/ Frame 79F8
30 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ab4c532c1fbaba50606c7d3c45560ace.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 23:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12814
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 22:37:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 18 Oct 2022 23:14:02 GMT
usync.html
eus.rubiconproject.com/ Frame FD71
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:07 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 4AF2
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 841E
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame E469
43 B
323 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
e1e041f8848158a6
Content-Length
43
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 13A2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 61F4
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 20:08:41 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
30747
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
YkU80mOQ_wrXFNrxMGpn0PFMKSALVHhaKhAntp4i3J2BWZjVDIHmkw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9FC3
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"601b131c-27c"
expires
Mon, 26 Jul 2027 04:41:07 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
adxcm.aspx
inv-nets.admixer.net/ Frame F9DD
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=ABmS-bqVGTUX0usZ
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 27 Jul 2022 04:41:07 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C772
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33539
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 19:22:08 GMT
expires
Wed, 26 Jul 2023 19:22:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 34AF
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
79f456d547cc724971e9afb0e72f958b88febe39483b76d7855ed04157604377
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Cs27MPc__zIfZG4OBzsPLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Cs27MPc__zIfZG4OBzsPLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
Wed, 27 Jul 2022 04:41:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
khaos.jpg
token.rubiconproject.com/ Frame FFC2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
/
onetag-sys.com/usync/ Frame 5B1F
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame D841
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
0
390 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:07 GMT
Etag
e1e041f8848158a6
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
7ee909c5-009f-4176-9f73-703a46f6f2b4
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=3537742351156846993
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
d
ic.tynt.com/r/ Frame E816
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
generic
match.adsrvr.org/track/cmf/ Frame 56D1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7428937989
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7428937989
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
RX8b10a03256fb4862a90540bcb2a4f76c003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7428937989
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 56D1
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=ecfac498-3979-471e-b65e-993bf14ef236
date
Wed, 27 Jul 2022 04:41:07 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 00BB
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88447
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 56D1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1e238c9e-fa76-43e6-ac8c-74e1953411e9
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
as1j1mmukhhkfjbcl3msd7oselkouloi
/
ads.us.e-planning.net/uspd/1/ Frame 1DF4
1 KB
847 B
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ad054d7a20f50c7a7554bb6bc954e76da8c7bbe43d499aaa6e3c6fbe903d7944

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
expires
Wed, 27 Jul 2022 04:41:07 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-745
csync
sync.adtelligent.com/ Frame 56D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
0
390 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
353b507e-592f-4a3e-a279-6fd564408b4e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.html
s.console.adtarget.com.tr/ Frame 783C
1 KB
1004 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:464:0:92e2:baff:fe11:5b68 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 0361
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
0
407 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:07 GMT
Etag
909b26b72718bd03
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7312b3712f830225-ZRH
content-length
0
date
Wed, 27 Jul 2022 04:41:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=abfe110a-bc9a-4cec-aceb-afb183f119a8
server
cloudflare
sync.html
s.adtelligent.com/ Frame E0AA
1 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.207.234 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 56D1
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
0
407 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 56D1
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
0
403 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=e824e270afb04254b83e9c15f6787f57
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame 56D1
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:07 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
vid.vidoomy.com/ Frame 56D1
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 5DF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
43 B
964 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7312b3716b4f71b4-LHR
pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3R46GFLTQ53J%2FDF%2BZaf%2B%2F5tvdsGS78v9Iqhq1DAR9LRwbS14CV3Dh3Ka%2FLjt1CF8VlYa9WZgNL7dyyNMeGzX9D%2BRbNMSeRmx%2B6%2FjBqxMzWiZvF2ylpj7tpWSBjy2aV14XkoB0pn%2BDWJ%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5DF5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuDB42scgN9aRkmS8KfOggAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
43 B
945 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
7312b3731a0088b3-LHR
pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPusvV4J2uc3JtnrafW0zzOXV%2Fbs6ksiuIuujDBABzQ1tOTtT8U3ZykcMwF9cwHWRv%2BSfOwsib6zMySfEIeczgVvpdj%2FUO0MpN9sGE%2F0LXji8d1ZNJsURO9Pte%2FsbCkd83eGAB8Szj1tAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBBh2dPpw-fpH3VRM2kRT8k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5DF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECwQ7Syb8hL4OomX9lpQesc&google_cver=1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECwQ7Syb8hL4OomX9lpQesc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d099fcc-fbd6-4e3b-a538-756f4d7f52d7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECwQ7Syb8hL4OomX9lpQesc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5DF5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUzNzc0MjM1MTE1Njg0Njk5Mw%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUzNzc0MjM1MTE1Njg0Njk5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGNujwcoBMAE&v=APEucNUn9Jpxjus1XhM8ZZpnse-jLc6Bp4N57PD1drLxnjdRKHCsD1OtP6Qhpw5yk6l_tLv3ZEd1-CLGOtbA8XnXk8SI4JsTEk_PRD4iqjeSf1JpNedyuZfkX9cHeAFcba2rhihnEVw-SO--I6YYLg-qmnzN6IupjkcNeP8lbV54CCgcN3RRkYU
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
838487da-d8b3-4899-b438-084e9da505ed
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUzNzc0MjM1MTE1Njg0Njk5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
GS.d
js.cookieless-data.com/ Frame 332C
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658896867958
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:07 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
media
a4p.adpartner.pro/ Frame 0101
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
4c790adbed79d5101afa77fb76c05192d6e35e6e7509b91b6db8e288699534df

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/ Frame 38AC
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An6hm0HacVe_d9TxxPFh-iOh2Ely3ZPyWtsOCNBCPN3fNxfj1AGwpTEt2qopbjETwpXB6mbsmS33wT3GpKf6zii3K1Z59w5y9GO0rX7Q2ApWN9S3szpgOC9EPbCZ0Vu4OuZA0DeCe_4RMRShGJQojoU-zz2g&cry=1&dbm_d=AKAmf-Dx4tS9qRpA7jDUmBxMZzZkezbyxY8LoHU2PcmavpxXwCDRuvSPA-IYbofxiXC6bJu4KKBmr7-7jlXrbjrtGxcq7G2H7EaggavqNuvBh69Q4mOorwLUT57M8A9GiSeXXuSJHl8tMJCWxWt1O0oVGiyP7A-AFcVwfIC45VGfzJ7dvX7zpRLkZDZWDlaio7uM172bq4kfiTjYkEPol1e51sP7UQkkwN1j44ZaWa1LQI-lV0NmkcsuXskQj_5Kh9LDxYXV9TfTEYVqqX6ihcRT3TLnK5PTrhbMu57nZNBOp4kkj7VFcBPO3tSNeRlAyOCRXHPWwgodq1ejXXSm2ii6AyBJD1ux96noKaUZUjoykpD6u3WwxJIezUfLwDUzGD4zvSW9A7Nw7IJbHbiOHTi5hV8KwiGbzGdWmVJkksznWWrx1PEq8kpiYjMyBFfWTnVftLdeB6xjtPWpLau6EiYT840S90QpO0ySTKKaQJfy9CK-S4KNVeE2rVC_aK9QLAXxk1KN3QjzO8X3OSF80o7P3YDGgWSv_n59CQ_StqDTq9xqFnoGJORsSGFpovid7VZQaVGe02kYz6l5YfGCBZkk6sGpIfR8f90ZDT4S__qGl6hQN7k1oL-2ioXRJ5FFr8Eyf7xTvqOiaLjzQAcKB6WlUfMBWLFmL8sAgER8X5aCqNsvFQB68UlAOJe_MEXO3TJK2i18-lrOlmRnMwkw14C3opzsQX0Wfn9lC-SrvMFrCLHz2MaDgYH-BqIegMv8gamV579RMI-LkW58BHa2yYZc-AEkOxCbRz5t7witxKE-F6_ilSo1iUYXHr7VH4YEPRaLa_KaZYblGZqhuWuD3NjbjCSlWIhCIAx8BePdxZ574cvK1lTWCXXyAeI7FU4FD-NPHcUacBI-n65BuKgB5FmyYnlDDoNVBRq46q5ZDYo0pEGVSbhwbqMKWLekkF3lwECcNsscASHYvTKEM30nbMqkuaxUqfjEFERZ_eDbSDOQILR9ilPut3KD70rI7BqPAliv3XdcU8JaFtZCkwREgh4EB5Z_NcypfnZc1mGkx2I0XQaqbB1uD6CrmLDfxqj62oPRwP8KSGOZwbRmSACk5BE9ergjX-40TZJdl3EZqEfhYsJrlhChZOIuBBis1uLjMTtyQ2ggD5kzQKnHOZ-uq-ZbVdKDmy9fHzaP4gQvz0KVUDmEhqIqeIktMZI4bbzspql4sW_Zo0n6bqiKsSbjU6Kz1bImSo2jivIavPDQcauTB-KVWduGA70xgg2XgIxP0U6IcRVaYEttkVVmTlHcIT39c5gRpE45RDw6Q6sW5Yz1c7xEX770YaomSh-Nx_wp01rUbSPuc4fcgJ93mDXxeLkwm27nsTp_BOXCUCRkHJ14uj2fGvq2DVEZw5YvDw1jUp_AzM5F9CHOHlK8HGIxA5sQlROQ_mmoUZWfOwJZ3jNLUGZwQcwO8zUizQwbaLDGOBzUwQPX5hOAEubomHsdzCE_swK2kaIe3JO8BHe4kBAMFmiLgVcb7EKObDbUPSQ-8PHh0rwGJDlsdFvtfyujrRdKCJcgw2UB9gM1FuC_i83l58o9dgMsGkbTo6HBl8w7uXydphyrpX1yGgLDi-gBBetQe0TmadDJtS8U4kf_uns1RcjUMCSd3tZL9AA2nVvmMP8uNvBWxslC3kUVaOIzOARdo1yzr9JVk6XtdmvyTOvHmOWMbIRf98h5Z_GaRyReYHi0jg9GSiwXFbNcLt93uNCwHY5peNrkPPeQwMzHT68IbI__Vkg0fxHddm9Kg9PXZ_DJUNhxAk2lL7ZggYLhXo1VlBZIY6FOv1nYNKy_SKnQaB0nT_zkgMIZzQ6AgnLqYv93OZQ5iXoT_0ajf9i29qojNBWlh0BKlTpTeCuOx5FAOVzxXo1BgjqGxS92eDnoIfFeJvaYd_oNZghFHfOBAk9bYSKRVpSfjjwAp_aTrzMgN3TWuUbx-DqCvFAlvs6sItrpwCYAwhjcbjYIrHgex2tg2ZIyAiv7vd1-9KlceM9IGdEr1JtthFi5NFruiFqNZWdNsH41ZS5n28MqK2xDikj8t_UzfADMVCzI76GBOr8keHYZBmtwOU0YBcKNVx3_azRr0jN8o0US-dxkxqgylAl_IYpWwYICsOS3RGsWyYmCJkDY-7vUirOK8PqY1JZTOxKhOJh73Q6trEyuK7zqgj9_DbOO6bZ34cbx_YnaSG5uphKRme7ECAoNOBwwxe6DP7tc56Ko3KcprBgt5jkSyYgzAqKi-LMaicHbRygsUrFqE25hA2XQ3zYZEo-8KhtGeNeKdX-sjCgpp6EAvQVR5Z1GGhHlHZWccX_py1jsLfrX7gnVSvz8rrbjU0S9qrxotvUGNPFdr-VGmSaLLJyV1SLwo9At7YIdhJVUzIYaHEZnDbmbHl7VvG4juauYuZ08tpLBZgL63ydv5qU0iDkxdppSV8mgW6yTBHNkK9vVfVyZBBfqt0FbX_XtdtP37D1MSnYqu1mlZ4lqNXaZ-ccyIBoFguhXFYgxF91Rxx5n6f76G7RQdZhvLLnC99v0iM_6XKQEgFG1pLMZJzb112kqfTufsz8oUzf-ji-UG11VqHlpp42KpObTEZhgXdHeiCBAfNr_9PuAhRivM2l7Ty4oM-X00J2MO1F2u0Ek5m2v0sHDipG_bFh7zgQyeqWQRFH9bHWLOQnJhlkphv1nYWCqnzGTkrW_RIhmNepOqh5lCSrqp_dk6vQeOWaslFYaY2_KSNdq557udrf1W_lI2n3VF0zXNRSZSPWTAVgQucCNo9pCdnteLQ9Bxnj6CmYx_x0hGZJ5aT9XCFHJlLh4Qkd35vRUnuPkj96T9PCmcIsvwCip8RPlE1kNfAFKnS71ptUJgtJJcfGkUqgMO51DW6aSJMJiPCpbjaQvk89EidAil-joTsQ0rxa7EL44qz-TbD9-rEyKKyvhVCv0tW0Z2SujF9oVsAZOdB_FNum9sVSrfdWqfguQ9-7UdN-gFw0MPgVuPrE4gv2yDcCifYx_X8WtOFo03oxvNwrjEkLGF3p-4eCjsCISdESsAqMEgjOlIYEtHqBnbkHS5UBjmE_TU_JvehpoTI8erHRDI01WBsDZZ6KLaEHb2zq07252EyQxC5ZcWBwXR6LurgadeWzYRkEUF8X-RILngJa4klwSMUQjCir4PYU230r97bUOiDu-OUQz7siv1pY1vmdH19rKbhjPFT9-AQnjz88EEGSuJo2ydkgja2AmuI56hnu8BVt-XB73lon3CY4mw4dsO5ixQIe6G8HcEVb58KuiuwHv-SGlHczotuTRzGlWTHE&cid=CAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1929
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11520
x-xss-protection
0
server
cafe
etag
16798029156924389348
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:08:59 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 38AC
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An6hm0HacVe_d9TxxPFh-iOh2Ely3ZPyWtsOCNBCPN3fNxfj1AGwpTEt2qopbjETwpXB6mbsmS33wT3GpKf6zii3K1Z59w5y9GO0rX7Q2ApWN9S3szpgOC9EPbCZ0Vu4OuZA0DeCe_4RMRShGJQojoU-zz2g&cry=1&dbm_d=AKAmf-Dx4tS9qRpA7jDUmBxMZzZkezbyxY8LoHU2PcmavpxXwCDRuvSPA-IYbofxiXC6bJu4KKBmr7-7jlXrbjrtGxcq7G2H7EaggavqNuvBh69Q4mOorwLUT57M8A9GiSeXXuSJHl8tMJCWxWt1O0oVGiyP7A-AFcVwfIC45VGfzJ7dvX7zpRLkZDZWDlaio7uM172bq4kfiTjYkEPol1e51sP7UQkkwN1j44ZaWa1LQI-lV0NmkcsuXskQj_5Kh9LDxYXV9TfTEYVqqX6ihcRT3TLnK5PTrhbMu57nZNBOp4kkj7VFcBPO3tSNeRlAyOCRXHPWwgodq1ejXXSm2ii6AyBJD1ux96noKaUZUjoykpD6u3WwxJIezUfLwDUzGD4zvSW9A7Nw7IJbHbiOHTi5hV8KwiGbzGdWmVJkksznWWrx1PEq8kpiYjMyBFfWTnVftLdeB6xjtPWpLau6EiYT840S90QpO0ySTKKaQJfy9CK-S4KNVeE2rVC_aK9QLAXxk1KN3QjzO8X3OSF80o7P3YDGgWSv_n59CQ_StqDTq9xqFnoGJORsSGFpovid7VZQaVGe02kYz6l5YfGCBZkk6sGpIfR8f90ZDT4S__qGl6hQN7k1oL-2ioXRJ5FFr8Eyf7xTvqOiaLjzQAcKB6WlUfMBWLFmL8sAgER8X5aCqNsvFQB68UlAOJe_MEXO3TJK2i18-lrOlmRnMwkw14C3opzsQX0Wfn9lC-SrvMFrCLHz2MaDgYH-BqIegMv8gamV579RMI-LkW58BHa2yYZc-AEkOxCbRz5t7witxKE-F6_ilSo1iUYXHr7VH4YEPRaLa_KaZYblGZqhuWuD3NjbjCSlWIhCIAx8BePdxZ574cvK1lTWCXXyAeI7FU4FD-NPHcUacBI-n65BuKgB5FmyYnlDDoNVBRq46q5ZDYo0pEGVSbhwbqMKWLekkF3lwECcNsscASHYvTKEM30nbMqkuaxUqfjEFERZ_eDbSDOQILR9ilPut3KD70rI7BqPAliv3XdcU8JaFtZCkwREgh4EB5Z_NcypfnZc1mGkx2I0XQaqbB1uD6CrmLDfxqj62oPRwP8KSGOZwbRmSACk5BE9ergjX-40TZJdl3EZqEfhYsJrlhChZOIuBBis1uLjMTtyQ2ggD5kzQKnHOZ-uq-ZbVdKDmy9fHzaP4gQvz0KVUDmEhqIqeIktMZI4bbzspql4sW_Zo0n6bqiKsSbjU6Kz1bImSo2jivIavPDQcauTB-KVWduGA70xgg2XgIxP0U6IcRVaYEttkVVmTlHcIT39c5gRpE45RDw6Q6sW5Yz1c7xEX770YaomSh-Nx_wp01rUbSPuc4fcgJ93mDXxeLkwm27nsTp_BOXCUCRkHJ14uj2fGvq2DVEZw5YvDw1jUp_AzM5F9CHOHlK8HGIxA5sQlROQ_mmoUZWfOwJZ3jNLUGZwQcwO8zUizQwbaLDGOBzUwQPX5hOAEubomHsdzCE_swK2kaIe3JO8BHe4kBAMFmiLgVcb7EKObDbUPSQ-8PHh0rwGJDlsdFvtfyujrRdKCJcgw2UB9gM1FuC_i83l58o9dgMsGkbTo6HBl8w7uXydphyrpX1yGgLDi-gBBetQe0TmadDJtS8U4kf_uns1RcjUMCSd3tZL9AA2nVvmMP8uNvBWxslC3kUVaOIzOARdo1yzr9JVk6XtdmvyTOvHmOWMbIRf98h5Z_GaRyReYHi0jg9GSiwXFbNcLt93uNCwHY5peNrkPPeQwMzHT68IbI__Vkg0fxHddm9Kg9PXZ_DJUNhxAk2lL7ZggYLhXo1VlBZIY6FOv1nYNKy_SKnQaB0nT_zkgMIZzQ6AgnLqYv93OZQ5iXoT_0ajf9i29qojNBWlh0BKlTpTeCuOx5FAOVzxXo1BgjqGxS92eDnoIfFeJvaYd_oNZghFHfOBAk9bYSKRVpSfjjwAp_aTrzMgN3TWuUbx-DqCvFAlvs6sItrpwCYAwhjcbjYIrHgex2tg2ZIyAiv7vd1-9KlceM9IGdEr1JtthFi5NFruiFqNZWdNsH41ZS5n28MqK2xDikj8t_UzfADMVCzI76GBOr8keHYZBmtwOU0YBcKNVx3_azRr0jN8o0US-dxkxqgylAl_IYpWwYICsOS3RGsWyYmCJkDY-7vUirOK8PqY1JZTOxKhOJh73Q6trEyuK7zqgj9_DbOO6bZ34cbx_YnaSG5uphKRme7ECAoNOBwwxe6DP7tc56Ko3KcprBgt5jkSyYgzAqKi-LMaicHbRygsUrFqE25hA2XQ3zYZEo-8KhtGeNeKdX-sjCgpp6EAvQVR5Z1GGhHlHZWccX_py1jsLfrX7gnVSvz8rrbjU0S9qrxotvUGNPFdr-VGmSaLLJyV1SLwo9At7YIdhJVUzIYaHEZnDbmbHl7VvG4juauYuZ08tpLBZgL63ydv5qU0iDkxdppSV8mgW6yTBHNkK9vVfVyZBBfqt0FbX_XtdtP37D1MSnYqu1mlZ4lqNXaZ-ccyIBoFguhXFYgxF91Rxx5n6f76G7RQdZhvLLnC99v0iM_6XKQEgFG1pLMZJzb112kqfTufsz8oUzf-ji-UG11VqHlpp42KpObTEZhgXdHeiCBAfNr_9PuAhRivM2l7Ty4oM-X00J2MO1F2u0Ek5m2v0sHDipG_bFh7zgQyeqWQRFH9bHWLOQnJhlkphv1nYWCqnzGTkrW_RIhmNepOqh5lCSrqp_dk6vQeOWaslFYaY2_KSNdq557udrf1W_lI2n3VF0zXNRSZSPWTAVgQucCNo9pCdnteLQ9Bxnj6CmYx_x0hGZJ5aT9XCFHJlLh4Qkd35vRUnuPkj96T9PCmcIsvwCip8RPlE1kNfAFKnS71ptUJgtJJcfGkUqgMO51DW6aSJMJiPCpbjaQvk89EidAil-joTsQ0rxa7EL44qz-TbD9-rEyKKyvhVCv0tW0Z2SujF9oVsAZOdB_FNum9sVSrfdWqfguQ9-7UdN-gFw0MPgVuPrE4gv2yDcCifYx_X8WtOFo03oxvNwrjEkLGF3p-4eCjsCISdESsAqMEgjOlIYEtHqBnbkHS5UBjmE_TU_JvehpoTI8erHRDI01WBsDZZ6KLaEHb2zq07252EyQxC5ZcWBwXR6LurgadeWzYRkEUF8X-RILngJa4klwSMUQjCir4PYU230r97bUOiDu-OUQz7siv1pY1vmdH19rKbhjPFT9-AQnjz88EEGSuJo2ydkgja2AmuI56hnu8BVt-XB73lon3CY4mw4dsO5ixQIe6G8HcEVb58KuiuwHv-SGlHczotuTRzGlWTHE&cid=CAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 12:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:49:27 GMT
usync.js
eus.rubiconproject.com/ Frame FD71
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20737
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
cookie
cm.adform.net/ Frame DB27
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:08 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 2D05
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
VertaMedia 1.0
Etag
05abca02bb8f92fe
Content-Length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame EEE1
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220725&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
482fa27c6cd458bb4e897ad31c9fba1a2600ede2e55a5c382902c121ee9475cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10661
x-xss-protection
0
GS.d
js.cookieless-data.com/ Frame 9FC3
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658896868036
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
ptag
a.audrte.com/ Frame 1DF4
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
47d536d82c051d394bbd52deb6886d69a895cc466d9fb6b19fa26a5a13a4d877

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1684
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 1DF4
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:07 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 26 Jul 2027 04:41:07 GMT
um
u-ams02.e-planning.net/ Frame 1DF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D42966876e79418d6%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
42 B
103 B
Image
General
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
X-Proxy-Origin
217.138.196.109; 217.138.196.109; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
59d9c62f-8c07-4b9a-b208-13dcbea80fe5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=42966876e79418d6&uid=3537742351156846993
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir.html
p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5B74
247 B
959 B
Document
General
Full URL
https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cfe950cf2b964f3aa599a927ca074eec57ee540a4c8255f4ad90df6594aa0bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
202
content-security-policy-report-only
script-src 'nonce-hl1qO6oTk0Yu6zd2CxftvQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 91E5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:08 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:08 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 35C9
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D42966876e79418d6%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88446
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:08 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame D5E6
1 KB
987 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Wed, 27 Jul 2022 04:41:08 GMT
etag
W/"61ddbb71-5f5"
expires
Mon, 21 Jun 2027 11:13:51 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
20.214
x-cf-tsc
1655896432
x-cf1
29080:dB.waw1:co:1585621119:cacheN.waw1-01:D
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 5F20
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame CDC9
322 B
673 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ef53dd07557753fbb29097d4a0ce902679eb4b2a892eb18c3fd8f5e325fe4f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7312b371fba72325-ZRH
content-encoding
br
content-type
text/html
date
Wed, 27 Jul 2022 04:41:08 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EEE1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=false&easai=false&bust=31068562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:08 GMT
khaos.jpg
token.rubiconproject.com/ Frame FD71
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
ptrack
a.audrte.com/ Frame 96BD
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.109&p=M1353665098&artime=2022-07-27T04:41:08.153Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6366acaf6b1c668b1512a3e60a20fd035d13d7862c17a9693a4f40a8e88d10f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 96BD
155 B
642 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Jul 2022 07:29:04 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
age
76325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
iaSI0MTxWk5P_QHnD2G1WpmbqWWE9gx3Pq21t-MLz68m3vWuyJjKag==
dcmads.js
www.googletagservices.com/dcm/ Frame 38AC
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145716/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_t...
  • https://www.googletagservices.com/dcm/dcmads.js
23 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 27 Jul 2022 05:09:59 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 227E
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
6206795
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
lDjlqA7ZFweJf5DsJPFMu44bHyN5WIneRzBADhPgNoR4zVbzIX_eYg==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2AF6
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
57101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 12:49:27 GMT
expires
Wed, 26 Jul 2023 12:49:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 34AF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220725&jk=4094496418611775&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ptrack
a.audrte.com/ Frame 61F4
368 B
880 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.109&p=M1353665098&artime=2022-07-27T04:41:08.267Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fe636ebc9ab8e42d82751434a70ab25345e6198aba0fcfbd11be9b77b50ae80d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
263
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 61F4
155 B
643 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Jul 2022 07:29:04 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
age
76325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
UD9UhBADP5Svn3xp9Bbu6sXlwAuBoE8kd41QKZ7jCvFeGnvOjcEKWA==
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame EC7B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112128&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867354&bpp=12&bdt=97&idt=117&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=4280503418664&frm=22&ife=1&pv=2&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.2v0e3m8se18v&fsb=1&xpc=9v1XPNocUd&p=https%3A//file.adpartner.pro&dtd=133
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
ptrack
a.audrte.com/ Frame E0D9
368 B
882 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.109&p=M1353665098&artime=2022-07-27T04:41:08.275Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e85b3e256e3d9a0d35e808d7fc2f8cac843605082203e8347122ec48233ec200

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame E0D9
155 B
641 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Jul 2022 07:29:04 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
age
76325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
ZbBpAVQcMC8u4FsNrR09jM1bQfaqwA1BGF2xMXGW22D0_gn1kw41vg==
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzHE,pingTime:-3,time:132,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame A9CE
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F4a629537-39a0-47f6-b7a0-44ba88180403%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiNGE2Mjk1MzctMzlhMC00N2Y2LWI3YTAtNDRiYTg4MTgwNDAzIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd39b4fefa837b68406be24c69ba42048&showId=4a629537-39a0-47f6-b7a0-44ba88180403&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.423
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:08 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzHW,pingTime:-6,time:150,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:150,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B145~0%5D,as:%5B145~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
data
bcp.crwdcntrl.net/6/ Frame 96BD
20 B
311 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.7.101
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
p
a.audrte.com/ Frame 96BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6lSRXJ9vKRM-ZhEelWl3-IA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6lSRXJ9vKRM-ZhEelWl3-IA&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 96BD
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4260939382344949487
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 96BD
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3h6lSRXJ9vKRM-ZhEelWl3-IA&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sync.php
pixel.rubiconproject.com/exchange/ Frame FD71
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 91E5
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20737
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
mw
mwzeom.zeotap.com/ Frame CDC9
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D92c0b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=a7954610-172d-42b3-5383-31e336b03e9b&zdid=1361
95 B
283 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=a7954610-172d-42b3-5383-31e336b03e9b&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7312b3742dd12325-ZRH
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=a7954610-172d-42b3-5383-31e336b03e9b&zdid=1361
date
Wed, 27 Jul 2022 04:41:08 GMT
cross-origin-resource-policy
cross-origin
content-length
0
if
a4p.adpartner.pro/tracker/ Frame 8727
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 2086
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522b4d1de2c-0425-42bf-a28a-34f0c4b01fa6%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25224a629537-39a0-47f6-b7a0-44ba88180403%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
0
pragma
no-cache
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzII,pingTime:-2,time:198,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:408,mdZ:627,beA:772,beZ:773,mfA:775,cmA:776,inA:776,inZ:780,prA:780,prZ:813,si:820,poA:821,poZ:843,cmZ:843,mfZ:843,loA:922,loZ:925,ltA:969,ltZ:969%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:198,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B192~0%5D,as:%5B192~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:149,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame C772
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1DF4
49 KB
15 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 20:08:41 GMT
content-encoding
gzip
etag
W/"df595edb87c4422264005b90da79ef4a"
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
age
30748
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
Ll01bJ-W96pLmUdGE0MaSB2klJQ6lrfhhBnGldgTo1B09hlNnr9Ajw==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 125C
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Emmer-Compascuum, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Wed, 27 Jul 2022 04:41:07 GMT
etag
W/"601b131c-27c"
expires
Mon, 26 Jul 2027 04:41:07 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
csync
sync.adtelligent.com/ Frame 2A1B
0
387 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ABmS-bqVGTUX0usZ
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:08 GMT
Etag
909b26b72718bd03
Server
VertaMedia 1.0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0579
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 19:22:08 GMT
expires
Wed, 26 Jul 2023 19:22:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8B30
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
02e6d1166ce99a5ffa51211e739ce661ee3f8d002e478a0711f9b8e9ec23ac6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4-5M6NSpAgyZXV7NqsHRBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-4-5M6NSpAgyZXV7NqsHRBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
Wed, 27 Jul 2022 04:41:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
data
bcp.crwdcntrl.net/6/ Frame 61F4
20 B
311 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.17.96
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
iframe.html
p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 5B74
4 KB
2 KB
Document
General
Full URL
https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
e6d58896a202947c9f4eebb4b1050ec77a674b1bf9b81fc7b30c37b2561da7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1861
content-security-policy-report-only
script-src 'nonce-ZHcNkFHJc9JRnNqhqfkR_A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame E0D9
20 B
312 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.18.153
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 54F8
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88446
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 27 Jul 2022 04:41:08 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Thu, 28 Jul 2022 05:15:14 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 45A7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Jul 2022 04:41:08 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 27 Jul 2022 04:41:08 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 83CA
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame E0AA
43 B
323 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
43
Content-Type
image/gif
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A9CE
118 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F4a629537-39a0-47f6-b7a0-44ba88180403%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY3LCJzaG93X2lkIjoiNGE2Mjk1MzctMzlhMC00N2Y2LWI3YTAtNDRiYTg4MTgwNDAzIiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3Dd39b4fefa837b68406be24c69ba42048&showId=4a629537-39a0-47f6-b7a0-44ba88180403&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcbf86d14d9ef8462b066830a2520cf0a18046ba0256a2532486d5d5e5706d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40083
x-xss-protection
0
server
cafe
etag
15835433669471052989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:08 GMT
p
a.audrte.com/ Frame 61F4
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1314255100305827079
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 61F4
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3h6cD9zjcUfSMi4aav6IOerjg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 61F4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6cD9zjcUfSMi4aav6IOerjg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6cD9zjcUfSMi4aav6IOerjg&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
impl_v90.js
www.googletagservices.com/dcm/ Frame 38AC
54 KB
21 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1043867/63145716/dcm/dcmads.js?adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D3279755405%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1658896867%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1658896867117%26bpp%3D4%26bdt%3D409%26idt%3D273%26shv%3Dr20220725%26mjsv%3Dm202207190101%26ptt%3D9%26saldr%3Daa%26correlator%3D4550118251236%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D128748108.1658896866%26ga_sid%3D1658896866%26ga_hid%3D1143662830%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44763506%252C44769950%252C42531605%26oid%3D2%26pvsid%3D4094496418611775%26tmod%3D959607230%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.63jf67lsnky5%26fsb%3D1%26dtd%3D288&adsafe_type=d&adsafe_jsinfo=,id:8aa3631c-6fde-7688-41c7-ce90555ff63f,c:jxvzGh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-88cbdf49d-tvwbx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:48,oid:54d3df6b-0d66-11ed-a3e1-de57bc6e77c9,v:19.8.333,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 18:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 18:25:01 GMT
p
a.audrte.com/ Frame E0D9
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5321987192594941898
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame E0D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame E0D9
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
khaos.jpg
token.rubiconproject.com/ Frame 91E5
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 2AF6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
GS.d
js.cookieless-data.com/ Frame 125C
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1658896868577
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.129.3.112 , France, ASN12876 (Online SAS, FR),
Reverse DNS
212-129-3-112.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 45A7
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20737
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Wed, 27 Jul 2022 10:26:45 GMT
B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahE...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame 38AC
53 KB
26 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahEM_mor3AARABIKzk9ghgu4aAgNAKoAH4r_7LAsgBCakCGtRpkDsztD6oAwHIA5sEqgTtAU_QUN6JJwfPvsl90NSlxp0u1jvxFTtyYbR5t7sCsRbs36XCfEWkjK_H8CW3UCwk0GYq1_AwQdi78L0NvHXsPIOmcVhqY_iz6Xg26LeMVBQ-Z7o2rHqFrgeBowj5yW7o_C4TojqgtEiwfpMYn6afpMp6qNiWuN-dvD7RHAtdwAy-PhbG1iXaOVLu9udtaRBWf9lr_zaC9iXi13m8CSMk2yr3nsedfJH-66z5eE0FMBUnsfO-65P1PsUNo1cj2qJVXK7yszjaKpHG-d1OZh-DB-y7BBG2rez710yE5hgWvAurtvAYmy--_K5XeHJjM8AEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbATh6rzD9ATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ%26sig%3DAOD64_1QX5-xozXVTowk83Hq9K4-i1YSGw%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-DNMVZoi3Fr_IAx8crXpQCaWY42PZ7TEy2qKmW1uCMLiSfme4GqW3ksrR0rKKIM6GOaH8J9f4zT3rR8XaeHk1YVXNSKsbrbHZtIEKo-TZxT7mX7lUKxfAvazYEujywoK9o3b9ixtFEmQxc3b-33gE1zFXEF5g%26cry%3D1%26dbm_d%3DAKAmf-D5Sdcqjj1kv6rs-05vEw4MeCuo634rNVk4dRYyNL3yycwWYev6HtogEs81quEQRQrT0eRbGt2MxvWjQyWfSyPNYrcDVuwE1Y9CqepnHikZ08kfCGr5p-fIkpcP-3akWuPuDb51AtjQr8PuE0Q0cB2xslvcPZIt03uQ1DwDLnZmTrURzMJ97iEZ_BeDnDqJ4Pu9Q_VvzchreNsYii3Ykd6XoIUlvcGc_-inNkLMfnZQY49Jzah_GykaG-qacnm_F-o7MVb7BZvXvyKXwvg_VpH6VjoeEvXfs6h43h1c0NItC7cWfLyjuNjgmqmdBO1Qd16hlsx9Q0HA7dm-2H2Jv42dK83hJ0S4S4XPe3ApdYv-9QxGhc4wubfbkmknHOVBEUWrZOX26KPoo0g4K7mWOZjXV6EDZuRUkwo6OeND7HlKymqJz6sGBM8wB-NrdsAJruvyDpD8C0qfDthpR76vVNDhngqU53qA11M6mSiSqXeahxna9W0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=MyHpl9n.n0;stc=1;sttr=151;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
84d9acbe3c1868d7f3b6453e8658022986a354f5c36a80cbd68c7491e9590146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26402
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 27 Jul 2022 04:41:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/ Frame A9CE
338 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa34a6edf9e8031e3d1e9bcc351c25af80670d837a9cc6bc408c30618cab7bd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121834
x-xss-protection
0
server
cafe
etag
13240344819295745986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 04:41:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8B30
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220725&jk=148654356446242&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

khaos.jpg
token.rubiconproject.com/ Frame 45A7
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
sodar
pagead2.googlesyndication.com/getconfig/ Frame 674B
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220725&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
711e216ab3e7aedd8271b2eaa9645e8c15f6dd93ad60bdc72285e57015336711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10628
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame 674B
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_89805737921554770&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D9838958080da5663594fc72f1f777da3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
7195647504708195999
tpc.googlesyndication.com/daca_images/simgad/ Frame EE55
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7195647504708195999?w=180&h=360
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7ef7f5c288c03acaf1da578549dc9dcddb5d0e0afe40df612d9ce3d2cd2397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9165
x-xss-protection
0
last-modified
Sun, 12 Jun 2022 14:13:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 03 Aug 2022 04:41:08 GMT
truncated
/ Frame EE55
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d87e88b7aadd332252cd54acd7e01872522b29f37925791045579b9a1e36c737

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
7195647504708195999
tpc.googlesyndication.com/daca_images/simgad/ Frame 79F8
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7195647504708195999?w=180&h=360
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7ef7f5c288c03acaf1da578549dc9dcddb5d0e0afe40df612d9ce3d2cd2397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9165
x-xss-protection
0
last-modified
Sun, 12 Jun 2022 14:13:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 03 Aug 2022 04:41:08 GMT
truncated
/ Frame 79F8
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a17b2bd6c73cfc2afa8ba5e7ffeda1f687e7c14050d051ebbd8048b50a4d4271

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ptrack
a.audrte.com/ Frame 1DF4
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=217.138.196.109&p=M1353665098&artime=2022-07-27T04:41:08.738Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
935a7ea852d6b4fea3400af0e6576f8eb7590b94b30eab3036d39c1c494f39bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1DF4
155 B
642 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 26 Jul 2022 07:29:04 GMT
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
age
76325
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Tue, 19 Jul 2022 17:47:21 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
ibcxWdCb6bnAVNzEX1HcAlLIMqXoq6e39Uo8d01k7fDVkUP8RvlJ2Q==
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 7145
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045958791&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_89805737921554770%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252Fe2c7ef85-27fe-4daa-ba36-04426f4dcd3a%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjU4ODk2ODY2LCJzaG93X2lkIjoiZTJjN2VmODUtMjdmZS00ZGFhLWJhMzYtMDQ0MjZmNGRjZDNhIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiYjRkMWRlMmMtMDQyNS00MmJmLWEyOGEtMzRmMGM0YjAxZmE2IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D9838958080da5663594fc72f1f777da3&wgl=1&dt=1658896867370&bpp=3&bdt=113&idt=135&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=4280503418664&frm=22&ife=1&pv=1&ga_vid=1943466559.1658896867&ga_sid=1658896867&ga_hid=825700347&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1775984419&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44763506%2C42531607&oid=2&pvsid=2071546987259796&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.yfqm27ed76a2&fsb=1&xpc=cdyPiEfoZt&p=https%3A//file.adpartner.pro&dtd=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 0579
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 674B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:08 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame A9CE
107 B
122 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A9CE
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D04A
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155823869&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896868660&bpp=14&bdt=260&idt=136&shv=r20220725&mjsv=m202207190101&ptt=5&saldr=sa&correlator=8047188943812&frm=8&ife=1&pv=2&ga_vid=1283070654.1658896869&ga_sid=1658896869&ga_hid=1444760284&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=767006191&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44763506%2C44764001%2C21065725&oid=2&pvsid=3008588414355440&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.u86fp54zgi4h&fsb=1&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame 1DF4
20 B
312 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.18.153
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzR4,time:716,type:e,im:%7Bimprf:%7Bttecl:669,ecd:166,tsecr:91%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:716,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B710~0%5D,as:%5B710~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:405,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:08 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame C772
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?N0CI6Q
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/ Frame 38AC
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220725/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahEM_mor3AARABIKzk9ghgu4aAgNAKoAH4r_7LAsgBCakCGtRpkDsztD6oAwHIA5sEqgTtAU_QUN6JJwfPvsl90NSlxp0u1jvxFTtyYbR5t7sCsRbs36XCfEWkjK_H8CW3UCwk0GYq1_AwQdi78L0NvHXsPIOmcVhqY_iz6Xg26LeMVBQ-Z7o2rHqFrgeBowj5yW7o_C4TojqgtEiwfpMYn6afpMp6qNiWuN-dvD7RHAtdwAy-PhbG1iXaOVLu9udtaRBWf9lr_zaC9iXi13m8CSMk2yr3nsedfJH-66z5eE0FMBUnsfO-65P1PsUNo1cj2qJVXK7yszjaKpHG-d1OZh-DB-y7BBG2rez710yE5hgWvAurtvAYmy--_K5XeHJjM8AEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbATh6rzD9ATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ%26sig%3DAOD64_1QX5-xozXVTowk83Hq9K4-i1YSGw%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-DNMVZoi3Fr_IAx8crXpQCaWY42PZ7TEy2qKmW1uCMLiSfme4GqW3ksrR0rKKIM6GOaH8J9f4zT3rR8XaeHk1YVXNSKsbrbHZtIEKo-TZxT7mX7lUKxfAvazYEujywoK9o3b9ixtFEmQxc3b-33gE1zFXEF5g%26cry%3D1%26dbm_d%3DAKAmf-D5Sdcqjj1kv6rs-05vEw4MeCuo634rNVk4dRYyNL3yycwWYev6HtogEs81quEQRQrT0eRbGt2MxvWjQyWfSyPNYrcDVuwE1Y9CqepnHikZ08kfCGr5p-fIkpcP-3akWuPuDb51AtjQr8PuE0Q0cB2xslvcPZIt03uQ1DwDLnZmTrURzMJ97iEZ_BeDnDqJ4Pu9Q_VvzchreNsYii3Ykd6XoIUlvcGc_-inNkLMfnZQY49Jzah_GykaG-qacnm_F-o7MVb7BZvXvyKXwvg_VpH6VjoeEvXfs6h43h1c0NItC7cWfLyjuNjgmqmdBO1Qd16hlsx9Q0HA7dm-2H2Jv42dK83hJ0S4S4XPe3ApdYv-9QxGhc4wubfbkmknHOVBEUWrZOX26KPoo0g4K7mWOZjXV6EDZuRUkwo6OeND7HlKymqJz6sGBM8wB-NrdsAJruvyDpD8C0qfDthpR76vVNDhngqU53qA11M6mSiSqXeahxna9W0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=MyHpl9n.n0;stc=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:38:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 04:38:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 38AC
0
575 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEKODifdfNsxGvYu3DGYLsdPWmajBhraBOZxhus53jbyGGXfdUNJkejfOzNPbmNO1MgKjbvj6G4LueMPHTXtiDkFP96fb9pUzyNqDSIL9yMyKgjQSwq3xx0j8h6rVlL8k85VXiIKjdioqxCJ2p8t9IV3SE_3RFy0Q&sig=Cg0ArKJSzO82dfBVNA9cEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220725.84206&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahEM_mor3AARABIKzk9ghgu4aAgNAKoAH4r_7LAsgBCakCGtRpkDsztD6oAwHIA5sEqgTtAU_QUN6JJwfPvsl90NSlxp0u1jvxFTtyYbR5t7sCsRbs36XCfEWkjK_H8CW3UCwk0GYq1_AwQdi78L0NvHXsPIOmcVhqY_iz6Xg26LeMVBQ-Z7o2rHqFrgeBowj5yW7o_C4TojqgtEiwfpMYn6afpMp6qNiWuN-dvD7RHAtdwAy-PhbG1iXaOVLu9udtaRBWf9lr_zaC9iXi13m8CSMk2yr3nsedfJH-66z5eE0FMBUnsfO-65P1PsUNo1cj2qJVXK7yszjaKpHG-d1OZh-DB-y7BBG2rez710yE5hgWvAurtvAYmy--_K5XeHJjM8AEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbATh6rzD9ATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ%26sig%3DAOD64_1QX5-xozXVTowk83Hq9K4-i1YSGw%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-DNMVZoi3Fr_IAx8crXpQCaWY42PZ7TEy2qKmW1uCMLiSfme4GqW3ksrR0rKKIM6GOaH8J9f4zT3rR8XaeHk1YVXNSKsbrbHZtIEKo-TZxT7mX7lUKxfAvazYEujywoK9o3b9ixtFEmQxc3b-33gE1zFXEF5g%26cry%3D1%26dbm_d%3DAKAmf-D5Sdcqjj1kv6rs-05vEw4MeCuo634rNVk4dRYyNL3yycwWYev6HtogEs81quEQRQrT0eRbGt2MxvWjQyWfSyPNYrcDVuwE1Y9CqepnHikZ08kfCGr5p-fIkpcP-3akWuPuDb51AtjQr8PuE0Q0cB2xslvcPZIt03uQ1DwDLnZmTrURzMJ97iEZ_BeDnDqJ4Pu9Q_VvzchreNsYii3Ykd6XoIUlvcGc_-inNkLMfnZQY49Jzah_GykaG-qacnm_F-o7MVb7BZvXvyKXwvg_VpH6VjoeEvXfs6h43h1c0NItC7cWfLyjuNjgmqmdBO1Qd16hlsx9Q0HA7dm-2H2Jv42dK83hJ0S4S4XPe3ApdYv-9QxGhc4wubfbkmknHOVBEUWrZOX26KPoo0g4K7mWOZjXV6EDZuRUkwo6OeND7HlKymqJz6sGBM8wB-NrdsAJruvyDpD8C0qfDthpR76vVNDhngqU53qA11M6mSiSqXeahxna9W0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=MyHpl9n.n0;stc=1;sttr=151;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 38AC
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahEM_mor3AARABIKzk9ghgu4aAgNAKoAH4r_7LAsgBCakCGtRpkDsztD6oAwHIA5sEqgTtAU_QUN6JJwfPvsl90NSlxp0u1jvxFTtyYbR5t7sCsRbs36XCfEWkjK_H8CW3UCwk0GYq1_AwQdi78L0NvHXsPIOmcVhqY_iz6Xg26LeMVBQ-Z7o2rHqFrgeBowj5yW7o_C4TojqgtEiwfpMYn6afpMp6qNiWuN-dvD7RHAtdwAy-PhbG1iXaOVLu9udtaRBWf9lr_zaC9iXi13m8CSMk2yr3nsedfJH-66z5eE0FMBUnsfO-65P1PsUNo1cj2qJVXK7yszjaKpHG-d1OZh-DB-y7BBG2rez710yE5hgWvAurtvAYmy--_K5XeHJjM8AEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbATh6rzD9ATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ%26sig%3DAOD64_1QX5-xozXVTowk83Hq9K4-i1YSGw%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-DNMVZoi3Fr_IAx8crXpQCaWY42PZ7TEy2qKmW1uCMLiSfme4GqW3ksrR0rKKIM6GOaH8J9f4zT3rR8XaeHk1YVXNSKsbrbHZtIEKo-TZxT7mX7lUKxfAvazYEujywoK9o3b9ixtFEmQxc3b-33gE1zFXEF5g%26cry%3D1%26dbm_d%3DAKAmf-D5Sdcqjj1kv6rs-05vEw4MeCuo634rNVk4dRYyNL3yycwWYev6HtogEs81quEQRQrT0eRbGt2MxvWjQyWfSyPNYrcDVuwE1Y9CqepnHikZ08kfCGr5p-fIkpcP-3akWuPuDb51AtjQr8PuE0Q0cB2xslvcPZIt03uQ1DwDLnZmTrURzMJ97iEZ_BeDnDqJ4Pu9Q_VvzchreNsYii3Ykd6XoIUlvcGc_-inNkLMfnZQY49Jzah_GykaG-qacnm_F-o7MVb7BZvXvyKXwvg_VpH6VjoeEvXfs6h43h1c0NItC7cWfLyjuNjgmqmdBO1Qd16hlsx9Q0HA7dm-2H2Jv42dK83hJ0S4S4XPe3ApdYv-9QxGhc4wubfbkmknHOVBEUWrZOX26KPoo0g4K7mWOZjXV6EDZuRUkwo6OeND7HlKymqJz6sGBM8wB-NrdsAJruvyDpD8C0qfDthpR76vVNDhngqU53qA11M6mSiSqXeahxna9W0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=MyHpl9n.n0;stc=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 12:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jul 2023 12:49:27 GMT
17639470806551290774
s0.2mdn.net/simgad/ Frame 38AC
22 KB
23 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/17639470806551290774
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea2f1d240d00536d806a049fa2c7b2bc606daca1cfd03b37a81134deb63565e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 07:49:37 GMT
x-content-type-options
nosniff
age
75092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22467
x-xss-protection
0
last-modified
Wed, 11 May 2022 12:46:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 26 Jul 2023 07:49:37 GMT
/
d.agkn.com/pixel/2387/ Frame 38AC
43 B
646 B
Image
General
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=&bw=4&che=1165754581&col=27487152,1108532,336230191,528114240,171227878
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.108.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-108-196.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
p
a.audrte.com/ Frame 1DF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=&google_gid=CAESEI8-CkFQ0KWNEHF0hE0VKeM&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 1DF4
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5321987192594941898
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
52.205.204.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-204-29.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 27 Jul 2022 04:41:09 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 1DF4
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=3h6o8jFb7GJQZWM0CA6TkwJYQ&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:08 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
main.19.8.333.js
static.adsafeprotected.com/ Frame 38AC
186 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.333.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=52321546355&placementId=424694235&dealId=549644393847897261&adsafe_par&impId=ABAjH0jckQt4xLYtcR3q26IJWiKt&bidurl=http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4da88d903e8ed2209a1d052c424216dc4940e6834327662028acc4fbe634510

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 16:16:29 GMT
content-encoding
gzip
age
131081
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 25 Jul 2022 14:27:08 GMT
server
AmazonS3
etag
W/"8131eccf23d75965c16879165e580ecc"
vary
Accept-Encoding
x-amz-version-id
P3WABRGheJ_dqUd7tL4TISRbbPJKtI65
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
lIe0_WpyZNcwK4T2n4lqyh4ID3IDT2QaS0TlhhwKns-X5sfvLQup0w==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E30C
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
57108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 12:49:21 GMT
etag
48472445140208031
expires
Wed, 27 Jul 2022 12:49:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 38AC
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fda6eff292d6c86f327a3648495c7d87830df9cb60d37bdc5085ae26038ca56a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 057B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 19:22:08 GMT
expires
Wed, 26 Jul 2023 19:22:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 77B8
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6ef3dfeae2fa1ca20b5b09a22c9e0c36a44bfe999bf3262c4f5f48801ccbeb34
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ufMd86SvKbgyOiQ_szUdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-ufMd86SvKbgyOiQ_szUdYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:09 GMT
expires
Wed, 27 Jul 2022 04:41:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzTV,pingTime:-10,time:893,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1658896869071%7C%7C02133c5c015ea09c4bc62601e39e6f4c%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cbc98d3c4c51a13fa190e409a33389257%7C%7C08a4a86dee371d05dd9445e973fd00e6%7C%7C45437acc833026ca25434478f106c09c%7C%7C937505d79cb0517863a0e25a0d5363bd%7C%7C99323a1dea7094193dbb74e5e7359db2%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame A9CE
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220725&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3419a0f24434a57e9f0d7ab4b641b532cbe9924aea2dc73b7bc1b50a95d1f048
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10710
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5035
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
57102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 12:49:27 GMT
expires
Wed, 26 Jul 2023 12:49:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame E30C
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOVZJXHhFGhaM6rrojdg2A8&google_cver=1&google_push=AehlK4COvwH5kdPLArRo0_mBqKMAcznxS6xzT71XOURREOh2Pr3XUmSUpnne9vSdg0pR3qRcQ-gBko_WegeO4_O5wkrd21EPeftx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E30C
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEPpiNSyrDDPbp4Pzk_0atRE&google_cver=1&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k&google_hm=Q0FFU0VQcGlOU3lyRERQY...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k&google_hm=Q0FFU0VQcGlOU3lyRERQYnA0UHprXzBhdFJF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 27 Jul 2022 04:41:08 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BEWfQ9aNycA0BRiRtX0ckdRTWObwZTITpw9o3mJ9knzf7EXLAkHplLjc7O06cNPzxJtdvstrGlyQSQuf4R9Cs7okqyG02k&google_hm=Q0FFU0VQcGlOU3lyRERQYnA0UHprXzBhdFJF
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E30C
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Az3iHlvcqQ50MEM-gmXaKg45FTdsMEpi8rv4ZyeLi7PKRcwChmrJIOPWp8fDAASKZdhzNlnZIyl2KBuyQImbLksASntAs&google_gid=CAESEFF3RqtF-H_TkjJXEke6c0g&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOWDg5cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BZWhsSzRBejNpSGx2Y3FRNTBNRU0tZ21YYUtnNDVGVGRzTUVwaThydjRaeWVMaTdQS1Jjd0NobXJKSU9QV3A4ZkRBQVNLWmRoek5sblpJeWwyS0J1eV...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRGtNbXBFUExfY1RJQUZvSXIzTVVMVmZhSXluVmVXS2FsV3loRTRxNFY4Zw==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRGtNbXBFUExfY1RJQUZvSXIzTVVMVmZhSXluVmVXS2FsV3loRTRxNFY4Zw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 27 Jul 2022 04:41:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRGtNbXBFUExfY1RJQUZvSXIzTVVMVmZhSXluVmVXS2FsV3loRTRxNFY4Zw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame E30C
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECXQqS3mYunMXYNbNPEY_h0&google_cver=1&google_push=AehlK4CwiHUD_JhyZotcWF5j_CvETqBgBABJQvVhWco4brVoo7Z02IgsMjoKHt5iM1F45YnSc6WMNIz5oQ524dbfxoK73-1YTBeB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
gh211k9klf03b1qhdu3gju59t0idd5ab
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E30C
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMS8zafUNIuMRarq1tCGsF0&google_cver=1&google_push=AehlK4D6qUAartGcYviUXsvxOI7WOJPmuu9XSHuERgF_4rREr6MFXhyuDFS954WM7p18pcKm3qRL06tZyFlJgMbDLM3towNJs9cc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E30C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJDNmq6uobREEy4Oce_5tD0&google_cver=1&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzNEQ0QzgtMVItMldRNA==&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfWI2k4I_RBqUS0xbxPY2cxvKPCL
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzNEQ0QzgtMVItMldRNA==&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfWI2k4I_RBqUS0xbxPY2cxvKPCL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzNEQ0QzgtMVItMldRNA==&google_push=AehlK4CryRORHy-D9RuBhyQoaFg5Q9bLSnU6BJ6DASEuGdlNLWzASuT7kG2nCC9eMhp5lRH_PfWI2k4I_RBqUS0xbxPY2cxvKPCL
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame E30C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_hm=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB&google_nid=index&google_push=AehlK4AwJ7TTQQaqWARPSErTKI_ZtNWndHpui...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_hm=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB&google_nid=index&google_push=AehlK4AwJ7TTQQaqWARPSErTKI_ZtNWndHpuiWg9C8CwqKf1K5YRCPA0zFPjrW6jz_5P17qL8vaqdHGVrFNaH2WZLysv-PSIQtzi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNzEKGXByva9Idb%2B1IFuBdk3qDIDq3wgIpe%2F9YVgnxrr1TVTehnqugoYRYjk8mrx6mtsE%2FmB1hmhla0D6akI%2F%2BTyaNwlrCx5pTYXN8QG5YdinnALrqwN7tUCzCgGAmgXHaF56Qzw5jlSqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEL6ENGmg1_2jhCacSxgHXsk&google_hm=YuDB42scgN9aRkmS8KfOggAAEbIAAAAB&google_nid=index&google_push=AehlK4AwJ7TTQQaqWARPSErTKI_ZtNWndHpuiWg9C8CwqKf1K5YRCPA0zFPjrW6jz_5P17qL8vaqdHGVrFNaH2WZLysv-PSIQtzi
cache-control
no-cache
cf-ray
7312b3784b997529-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame E30C
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKSIreY_HmK8yyszpWMQj7J4tTYEKwxQf6AzbKxeZqnVLP_WG1BxwEas8ZMhcdF3ViEhKV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:09 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AF6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BC2vT48HgYsXbNZiugAe324eAAwAAAAA4AeAEAg&bg=!MTKlMnbNAAacadVKvGk7ACkAdvg8WjAH1OjT7pfu15KKYtHgiXtnOkK0fxyxY3P9zfJNgCc078qW9AIAAAGhUgAAAAJoAQcKALba9l5dg9UShQLjxyod1FYSjqkgLWqpYpRQN0usplFugPhmsCnPBoqi0BvtHlNfI-kKJk1LiMExg4MLwVMaPndEN77cnywgOm26IwY9GYFYysJenObgRrKCDywJn0knGm5cLmdeE5luoQ6IKHtIctjdS6Ihj46iYc2Js5ge0gDvn8BrYNMs2LNJv7T-rU03sZvNJgLAqtM8oPBw0DxLktTvprRhq5h7G8Qcw5Rt_nWrmlXN5l7I9ZkC1tDlkPlxCUP-8UlpRxfI3GR0k703yYNo5edrKwqarnvkB69nY2prQF8Gbs0EyMoZeGcr7RRKAeytNL2Jt5KUArwFkOPTm8wOVK4PtKAfUxDDWqZZWokRZcNbtp2henj8v0D3pLLD2yoS9zd_E0HBktN9vZV4vIJ71z-OsMi9rJlhmKMfp2P0rNcgznX3JosDWEseQZbGH5JJJqmhHCYX343iD8VV_LcfiXqYXcDp5vd4G3U5P97kmLueJyGA5ff9YLcofm2_jlUvxi0NNoinmdwrbpP-nUtOyGPSoPUZ8u182NMat-azEPxHISmP2rr-Fza1ct9j0QntjTmrhPz1ggeowpwWOZqpWh2R8PL89hFgxtHvdaYSI-ADNtaCXS-9kM2vp54fMfKX7pysj8zu215sBTAZXwHG15ZlJ6NttkGsHB3xM-crTlff79_TYWYEgQ-ZOXx6-MNPvP_V7Vi55YuFw4G0PdRLL46N7RIhRobv1nDK80dIcGtyYcYmmkHzud3vMxWHSKPFoVKOD-Zb40QgED5BJtpJaGchkZBdrdqzuLmqX7N8tO_SZfGOX8QzNdHGhhYFCIGjoaZAdyGOEK3KiHophUhBffupmJp4aCLx21QiwYLR9zyRh6Sh8rfey_kfMyUg5jyrehbEUaFwjgxPotAdPkDTSGOCacBXkoGsvajxOF7SdRK-h8UaHaVqD2PTX8dGEX-gje37l-aVEJ-ZC67ld2k4_X3_UmlPoXE8NF3U8Ljvt4gJ0EORL1W_-R5tl23nqZZP5L0HDf2rgXpL0GtydMGB1GzIynBo6BjwVe77_653TvBg7sQQFZKd-TT3eKwbDPzsrLXjTkFanQI-4309TLju6iW6RirlWzBmzFzrJ1nKJAzWK0Q33ABLNx0JrCDVJKZBLcx91f0O-onXNj7b6qU5r3IDm8talOs2IjqZIGT_HTIuGbmphJAYMaVQieK8Sg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 38AC
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEKODifdfNsxGvYu3DGYLsdPWmajBhraBOZxhus53jbyGGXfdUNJkejfOzNPbmNO1MgKjbvj6G4LueMPHTXtiDkFP96fb9pUzyNqDSIL9yMyKgjQSwq3xx0j8h6rVlL8k85VXiIKjdioqxCJ2p8t9IV3SE_3RFy0Q&sig=Cg0ArKJSzO82dfBVNA9cEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&vt=11&dtpt=222&dett=2&cstd=0&cisv=r20220725.84206&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.336230191;dc_ver=90.265;sz=728x90;u_sd=1;dc_adk=608880710;ord=34esyt;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34Qh48HgYqeKINXjx_AP6vmawAbkwri1aun63dahEM_mor3AARABIKzk9ghgu4aAgNAKoAH4r_7LAsgBCakCGtRpkDsztD6oAwHIA5sEqgTtAU_QUN6JJwfPvsl90NSlxp0u1jvxFTtyYbR5t7sCsRbs36XCfEWkjK_H8CW3UCwk0GYq1_AwQdi78L0NvHXsPIOmcVhqY_iz6Xg26LeMVBQ-Z7o2rHqFrgeBowj5yW7o_C4TojqgtEiwfpMYn6afpMp6qNiWuN-dvD7RHAtdwAy-PhbG1iXaOVLu9udtaRBWf9lr_zaC9iXi13m8CSMk2yr3nsedfJH-66z5eE0FMBUnsfO-65P1PsUNo1cj2qJVXK7yszjaKpHG-d1OZh-DB-y7BBG2rez710yE5hgWvAurtvAYmy--_K5XeHJjM8AEsImr2tYD4AQDkAYBoAZNgAfwz4G0AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAYAMAbATh6rzD9ATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ%26sig%3DAOD64_1QX5-xozXVTowk83Hq9K4-i1YSGw%26client%3Dca-pub-4577254435597104%26dbm_c%3DAKAmf-DNMVZoi3Fr_IAx8crXpQCaWY42PZ7TEy2qKmW1uCMLiSfme4GqW3ksrR0rKKIM6GOaH8J9f4zT3rR8XaeHk1YVXNSKsbrbHZtIEKo-TZxT7mX7lUKxfAvazYEujywoK9o3b9ixtFEmQxc3b-33gE1zFXEF5g%26cry%3D1%26dbm_d%3DAKAmf-D5Sdcqjj1kv6rs-05vEw4MeCuo634rNVk4dRYyNL3yycwWYev6HtogEs81quEQRQrT0eRbGt2MxvWjQyWfSyPNYrcDVuwE1Y9CqepnHikZ08kfCGr5p-fIkpcP-3akWuPuDb51AtjQr8PuE0Q0cB2xslvcPZIt03uQ1DwDLnZmTrURzMJ97iEZ_BeDnDqJ4Pu9Q_VvzchreNsYii3Ykd6XoIUlvcGc_-inNkLMfnZQY49Jzah_GykaG-qacnm_F-o7MVb7BZvXvyKXwvg_VpH6VjoeEvXfs6h43h1c0NItC7cWfLyjuNjgmqmdBO1Qd16hlsx9Q0HA7dm-2H2Jv42dK83hJ0S4S4XPe3ApdYv-9QxGhc4wubfbkmknHOVBEUWrZOX26KPoo0g4K7mWOZjXV6EDZuRUkwo6OeND7HlKymqJz6sGBM8wB-NrdsAJruvyDpD8C0qfDthpR76vVNDhngqU53qA11M6mSiSqXeahxna9W0%26adurl%3D;dc_rfl=2,http%3A%2F%2Fzdorovia.com.ua$2,http%3A%2F%2Fzdorovia.com.ua%2F$0;xdt=1;crlt=MyHpl9n.n0;stc=1;sttr=151;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/pagead/ Frame 77B8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220725&jk=2071546987259796&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sca.17.5.12.js
static.adsafeprotected.com/ Frame 4D7A
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
6206796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
jVV25gwKOxt-_f6ZFwKKNZYHO48MLv75_JizMTcjq2UBK8VLNuAFjQ==
mon
pixel.adsafeprotected.com/ Frame 38AC
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=52321546355&placementId=424694235&dealId=549644393847897261&adsafe_par&impId=ABAjH0jckQt4xLYtcR3q26IJWiKt&bidurl=http://zdorovia.com.ua/&adsafe_url=http%3A%2F%2Fzdorovia.com.ua&adsafe_type=g&adsafe_url=http%3A%2F%2Fzdorovia.com.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4577254435597104%26output%3Dhtml%26h%3D90%26slotname%3D7553037928%26adk%3D3481491427%26adf%3D3279755405%26pi%3Dt.ma~as.7553037928%26w%3D728%26lmt%3D1658896867%26psa%3D0%26format%3D728x90%26url%3Dhttp%253A%252F%252Fzdorovia.com.ua%252F%26ea%3D0%26wgl%3D1%26dt%3D1658896867117%26bpp%3D4%26bdt%3D409%26idt%3D273%26shv%3Dr20220725%26mjsv%3Dm202207190101%26ptt%3D9%26saldr%3Daa%26correlator%3D4550118251236%26frm%3D23%26ife%3D5%26pv%3D2%26ga_vid%3D128748108.1658896866%26ga_sid%3D1658896866%26ga_hid%3D1143662830%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D542%26ady%3D61%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D3879291087%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C44763506%252C44769950%252C42531605%26oid%3D2%26pvsid%3D4094496418611775%26tmod%3D959607230%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.63jf67lsnky5%26fsb%3D1%26dtd%3D288&adsafe_type=d&adsafe_jsinfo=,id:f746c997-48fb-5063-211f-12458ed950f9,c:jxvzW1,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-88cbdf49d-ppbk9,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,mtim:155,mot:0,app:0,maw:0,fm:tcL8cFe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:182,oid:54dbce3a-0d66-11ed-aac0-9ee832ecaf4e,v:19.8.333,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.145.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-145-3.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 057B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A9CE
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 27 Jul 2022 04:41:09 GMT
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzWl,pingTime:-2.1,time:1044,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1044,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1038~0%5D,as:%5B1038~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:214,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:149,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 0579
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?tyGAKQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvzWA,pingTime:0,time:216,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:216,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcL8cFe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvzWB,pingTime:-3,time:217,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:217,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcL8cFe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvzWC,pingTime:-6,time:218,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:218,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcL8cFe+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:zdorovia.com.ua%2Czdorovia.com.ua&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvzX0,pingTime:-2,time:242,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1614,beZ:1615,mfA:1768,cmA:1770,inA:1770,inZ:1774,prA:1774,prZ:1789,si:1796,poA:1796,poZ:1809,cmZ:1809,mfZ:1809,loA:1832,loZ:1837,ltA:1855,ltZ:1855,mdA:1615,mdZ:1698%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:242,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B27~100%5D,as:%5B27~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.8aa3631c-6fde-7688-41c7-ce90555ff63f.24_1043867-63145716%7C192*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:58,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=3279755405&pi=t.ma~as.7553037928&w=728&lmt=1658896867&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1658896867117&bpp=4&bdt=409&idt=273&shv=r20220725&mjsv=m202207190101&ptt=9&saldr=aa&correlator=4550118251236&frm=23&ife=5&pv=2&ga_vid=128748108.1658896866&ga_sid=1658896866&ga_hid=1143662830&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44769950%2C42531605&oid=2&pvsid=4094496418611775&tmod=959607230&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.63jf67lsnky5&fsb=1&dtd=288
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 5035
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E8C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33541
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 26 Jul 2022 19:22:08 GMT
expires
Wed, 26 Jul 2023 19:22:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 29EA
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6f44e0d477c5272c6363d6da77b9825b5eb91ce73fb4f6c2a291619aeb7d01b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_mNvWTzY7ew_pDxTbdidYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-_mNvWTzY7ew_pDxTbdidYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 27 Jul 2022 04:41:09 GMT
expires
Wed, 27 Jul 2022 04:41:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 29EA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220725&jk=3008588414355440&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 1E8C
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 19:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
33649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Jul 2023 19:20:20 GMT
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvzZ7,time:1215,type:e,im:%7Bpci:%7Btdr:1028%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1209~0%5D,as:%5B1209~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:117,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 057B
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?atLtCw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5035
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxWJ25MHgYtjuL9ON7_UP1PG7sAQAAAAAOAHgBAI&bg=!KCulK2_NAAacadVKvGk7ACkAdvg8Wtte-igo-VcSGsb0cELW5LEeqonFxT14jYdXpU9_UVRndvyqVgIAAACdUgAAAAJoAQeZAupzcWf4efxULpvqERq-OmFbptQCG-f9PKAktkzJ1E5xcetoHazVHuIQSbKMDVsqfbgRFa_DlfGKofxDCDogZ5p7K7T4vBQXrIcRZq8tjI205rqUnCre2pFOcR8e5zE6XUrrhySoSI3X9moJIeNCg7-gC6WJvg2rXcmG9xlZxRMOYzpwUhjLcUGQFBGu1-QCLAWSAYa5j8SsV1PIF20waSu1SNhq2ftaQm3MqIp6v2gOi6H-3sQWdmy8v5ONkS6b1TPxufDoahnwX4DRJ1mHGotwRO2M827SgC2jNhQl-VWhAyuukjy38cAgZTAsNjgPt_ziXn5PqNE34-tyMLOaA5-FQObcB093UDIX-S2_KKhpHc_-Q8GLeGzmTw_GqY0av07REw39RJipeR73Mbix4hYvmu7-pdFTCVz0_PkSaHM4mF0Bm21w-0R0-0D-hWC-h-UvUAdlk0Nn3XhBXQhjjiHaBddSt2Nu8O2OkUZaBD_yzkwTsCwOwT4lhy7E6K4lMd_A68bSoKLxaNRHn1xWOAK0MbqtlkOb1XICMopnPiqS7Ly00CA5m_85Sf6Q24MN2ZtR0YMN8bZJATfggkfV2cxB6Oi6RFKeuQMoC2O3i0cwqdXJ5_pBS4LMKtjJZCOk7iQXX06PxlN36N38XWGJ_2Rjxwwe4wpcA3Inv0S6z2AFr4sgSRvycZ_guZXibWSp83uswqJgFLRva6zkzwfNHU0pKVVUKeuH4bOpm23eqEzE3RVBvrghWE9XnNrA1dSxahZa1_5R_q_wbZo_0OZUCUvtoa1qvnS5ym_v8pGeHiQEN852Lk64LYeOo_05Xf9WBihKEJGpGbMVVV_LA1PYNEjwTo5a3u8vPvWspcUrgkEpJu08o643qQetQyZXbEpQshWSfT8oBV5sgqtBRzpO7a_B7QNujPsGIuaOMzi158DJvzFtrFLoH-BeHLeV173mFHwDasKWKODn8wJLg-OvWfu9twIQ7FkHQ-tgCA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 1E8C
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?WDCgIA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 04:41:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvA27,pingTime:-10,time:559,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1658896869579%7C%7Cf4e849f6e032b9d8e8f510fe6b2d3d23%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C77798f4fb964b58f414c18b53feaceed%7C%7C0d69c1bfcb3b22b42790919c2fd254a9%7C%7Cc0257e38b3702590ac87d7706cc0e5eb%7C%7C16dff60f2b58816d814594017ac1980e%7C%7C3b69452d6d06b8872a8caf9b66538872%7C%7C1629390669%7D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 557C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220725&jk=4094496418611775&bg=!HxylHFjNAAacadVKvGk7ACkAdvg8WhUr8Lo7BB3hDj41NLztgiUpa7hHxDItw3l3oZj6N7BiBr4YPQIAAAHrUgAAAAJoAQcKAPPz58wpX7OGBf5B3XKwu9men_CbQwEsu89YMQxYS_Ont87zXw2dyPaPfwDearSpZkKY_Gclatzi5VcYUIWwLxSwDEwwDkmt4hDsgxIs2MKmvNw5ToV5NcxlFwxJk7HPufjLH8oGKVTRR7vnLfE4YHbupqXlUpxMlbZJGZJLaZNLkzIxSc7zPCSmG7Hn1toCaXu7QD2Z86URo3C0MA9LabWhwBMh7YRtJNAMAaO4duP-q9tqNmAyKAnPtm4iTstdw-F4g_pkUqPsV52me0nOZpPnAKIvrW6pDE2jzPrYp8L9IXJNItvUHUZnwTUCFgVSqnAtzBWZAqUTCcOr24pQcJBYbPSEGQPzMOcavTtihMWOjKsDRc-KUif7HrFZenlku8edRWhYtbkVzwYCNEdtu9CRT6inQ8R3PMONAYw-icI5f-OQlnS6hKt1RmEgGKZ7HQuxZyzS0xBCFkuQOWzO_exuDuQm4u9Mc3aAarnrNoCrMkdnTBEpx3K4PpUPuYEGxAoHbUgeamL4mRCE1w5DAGAalT7OFRcSN0jbvq1-aDljFxVv9b44H7dPh3QgGb5DQc_xtV_Up4aDEIhGRIV6puyG7X0nf0sKoKMQiKGZ4jlHSXobjbBBbfhQEwZeCz_aJmZgCSmaC2Oy8O_QsFo2py0oCARd_SoQSrNRWNmnwKsGsfv-1KkFRVdEA0zhwNwFp8FJPP7N0EkwEv8NJ_MRnagsnzmmSr51XrkR0ZuEiDfQ2RZ9ti3wf-pokVDhj_0yMiNNC-Df7MQ7bngnbj49UNBUcBGW936It67cOh6Zkrj2JVUQOjHJ1X3bRYmKqyJx9_uLrLrGdhW_-4xoud3RisJI1AJENtMwHqmY8Eafu2HXYKZBKH8_AyQYUYJPJiGlgsyf6AkGOtTygif0tMW1fc5W8VdbargUXSzDcxmvcKdnamEx5LjvHLxv4wqM3zwLsW1_1fibP2s5BXiRqKIgZd3pOpPiX38hGpOJAWJa1a9kaUULg6RPcU2h1QYP8zJqeWaC99A0-YLFlupWKJ_bwfPkI1w_3x21RfWdHe8TZI6BAQuBlU7B1VVIepNLoPz-TX0cBBcGOPl8sTd4COi8AsnKXLiFFMkHhK4yd7VgX19HAR4HdU2xJXA6mlKc_KLeDKRvMO3CHjvYo4_-JqrlC_015Hlh4UZzZLYELP_IT1i1JUeOcZqXd6HUEYIu5crQaEzXo2VJSa9gH4FSfA
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 79F8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3TsFEyWI3FD3ZCRUqHGOvaJDs9yHLFg-iuRoaig3fXyjs7Kz0gx6SsJMpauWCq9RWI7wXxuWUGHij3YRdNRiK1arGTJ0OV2wQsTOfVWq5JTOcfEPEdOJOldZvxskWVksK-gqofW7X7VyeqxgGFmEyO8pl6j6rp_68v9XzZmsqu5Z8jJyhaZPI8-fT_i8_AgE6kzTflq3Nn1JlN-Y5YnDeaBEU9Tp5QuntQN1mQrfqfavxbmFGkUjkge14UO3nApATSekQjbpD4BU05_8YTSMX47IgDBn8GQ9T0WJ27AoM3B94_BIxoRc_-BTK7ILQbU7qBm_kPUfJfWATLKBmwudEaJWhf8lVa8KTA8Zbi47V8OG3vOF8BUylUBpXnVyPjwodIKkD4DEkAYmvsH3r9XQR42NgO_aPGiPplti_abjWBCMae_HELpHpWhkjkjpu4OTZ26-4JwPXQypeNutQREipKANMDjqbW5i9TnSQ-fZ3Kv9VCyjxKIvdb54ZS66G_yW0Hx0HAX129h4esnkP00fYhWyVz3eAY5avLMZo-mWgHjDZH-hY7LuLFt0AswW6fDTb2690y61ZlPa5z1Vcvuz5BMDJUMvrhnbxX0sAQwZUhVvz10MR6mWSMKSx-_TG5UcusnLGPHUDrpsOu5t5GF8_UeQD3d_DrXB_fBwEA3rYzWZAEbbOw5eDQeUSufxrqqjRMKcwK-zY16rqVyF0FafvtxHKoMhvayVkdyRNu3zy6DRk1XIpKwDVRmXr6VOh2Szl_wkEkg8QRmR_Vr7zuY2UlOR4kdQD0tg0YK6u3KnB1OdFq19ZL6xTWoXvG9m7jVPJNilAAdces1fpG1Pb9MpTkMBDVtHHU5oM9Zt19SxwLsXDQiRd_FRgHHhAAZCxbhEsQtawq19GmDk69y-IK4qAwA9k7A33AyFW5CcbdsVKfK3lxSLxhJtmTzr8j-0hDSf8BVG4-v2xyqtyjtTDzeLO7sJaaUGTFyLPYQ1nqdAeik8Y9PRXSZVNgPmDB6Ht2zWulHxvK2oJ3deSXcwHdPXKxfvAWUl-tFRr_S1kINKyrXWRg_Sif9XZhrbqZGlIqaupEyylNMegKjX1TclO00EkJ8x-Ff60VVDXhyYCi2_iQy2USxZJlPtJhAcB1qULsSm9H2Nft2Fr6_iNlJFJfQMJuadkbC-6PFjwwe_ZO181yFch2UTKn2clhMd9D4DOMkQnLzBTdWXsPsFb2atDfggZgSeh7gXQ1pIVSJJQuJkqewl-0EhQSYngY9Pbc8tFH5w3iIyUm_XtoZP2QKLlga3XtMP6fgvbOB-KtIuaNDN36Eiuwf3SDpWGsoQvK73FgPEkIEeE-o-Ysd7hLb-ztKV-5J21QB4DZCCroVGo7piKByw&sai=AMfl-YQaLTpI6K9ZrLvrl6VEy3nqFT-M6JEHd89YyciEKZM5P8qDmylZOxJGOX_YeY7CU_Msmu0FI_DuywiKYYIUoGjySkk47dYMh5dFMNcNa8XKzWl9XiDZRccO&sig=Cg0ArKJSzMVBYZcPD_KXEAE&cid=CAASF-Roy1K0cjAbV1DE3T3xyBadAFfwKSSJ&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1658896867511&rpt=1213&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EE55
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1e5DLsoe2Qiml10eH4iYypro17zMKIl0QR8ixqkeHmWNjY_YiMOyp68NkwXugwFax3qJgE1kdtRLp2hez0Vz1AAhepvTnmW4FSqOB7r6ViOmPCwXwgn5chgDDwJuoZOorB4gfMWcDNF31KXmLuYmhyt3Y9_ZJ4YSate6aUEOTDE9oYy3F7VvF-onC2FnktFoQ0O3ig8MFdoBhOSDp39yTtZBxN81b2MBbv6ygzrhlfBPCLPUsspqa3GPlCUIsALDDz_VcsPU4Tfo6cqt9Tsr5pmrZR_nusfwxuvxUq8te2nzFe2uQkNlzij0uLyAWoZJPpojNXS6d7LThfJs13gy_uZ0Z8ZkWaijaNFqVHX_4UkwkjBPN0Bfd4PFBpGSiB2fyz_FLmLi_HOD-tNelcLrdBqC40mNIkwylsSBlgAGLBbArY-O1XObvnuuEEUoRB0YkYBl8bzbj1J8R1vJX8zIWLKuGe9uyfVugxG2wHVPIV05E9es_gMbCadN_3CtuP-TjX4UomLw8qoIQ83_PdGGxIFvsrsEJWHHJu6KsgAtIY1525yn8tiG8yqrS3bu4Z6xQY8siaBtcqIr-RKh5farTrmqSn-FXriiTO77Edgu9xw31TMNbdvD_4skiFUn0pAwlXIYalDJoEQHXgMbLsX7_HkbNzBEcmSePycrr7eu6eJj8RTM9sgTvlGPFYY5IbCwX26yAWMUkJz7a99_MjI5wY83wAuPkiHhisu2Q87kmJRhcfwQZkSiIoGwC_wSZeNwuNA9lOhxAnpCjOkfIbTnBJhiJnWGCX3Nx-rUi-87g_TaFas37XutGCuGxyzArv5AVgpE7UwYbJlE5-KKaVc37EPo6cUopNjFlxeSAORTuEKon7W1VB2SXZ-XmuuzZzAKlYG-5pbtoXKCwsNNd3nUIyzO-sXh8kbaRGw93wOT6aVUFpt648-YQzjOtJyLnr8jkJB9d30duPvp2zfR1CGybLFN5y0dyGH4zWiSwQj20orWGy_xxkAET-0u8_t5497eo8LWvdq6KSILQqbiRrzuyW-S5W8hkicFm9kID-OhjgY_I0YNWW8tUB0DCB9myl1DNBhuMUmOdj7O3ux2r2K9pLOt9yUbVrV-D3DkbnUIiekOxevvTaI3Rw5r0BUN3Ay_gkaHonb-ggbi3dC9NIYZn9FabAqkFYzm0ZUgVnRzH2rOU7itOFaS4_iaUa4ZSd2XHNLzIHHGAxCXuDgwzExTgBt2q4tfXLDJWC6OHXS9WJ1ub5ERAgImAQjqNmk5aB9odNcw-zpmAcna3029RanEModgftEwBHsFNueHKKobzCIlfGe2vujHJsGHGN47VkEfHsBpWw2vDFs8t0ujceYwulX_jtR5h8Ni0jQ-PdRyYxEs&sai=AMfl-YRbTD82sfnXRu5t5ZJO7T7wozN45ECUPK9cjixiZTjYiGDrh82vD2OgAyoxw5vSIypl8gay7nhwIy7IiwF-vQjO5hkwmKPtdL3qTLnT0aThNvIsDjTnc6cF&sig=Cg0ArKJSzNgt4Ks5v4TREAE&cid=CAASF-RofJYtGbd0_f-fMOz7a7O4zxjxbpaX&id=lidar2&mcvt=1006&p=0,0,600,160&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&rst=1658896867489&rpt=682&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EEE1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220725&jk=148654356446242&bg=!ammlaS3NAAacadVKvGk7ACkAdvg8WiOVyO_862pzPZX3a-np4cw5nGNQYHF29Z_SR_iqEELMr7b1RQIAAAFgUgAAAANoAQeZAth6tCsXCagUyLSP0UHyjaADvimECgIY1_kSh3bNg4acvhtxBQqALhVfN6qyxEYkWdeXDpMlA80bSpgkO-Ow201qDYrJ22IYV3QFOBj1aAJLC56k9_qiNTC8KsYa8rOKNHFuS7f042t90YMqb-GeojbkGZCcDrO8PI7gplNHnnwWUX84z2TsZm8lfwnBuQOXXM6Vt81k9Rps7dqepirBhkGe-ZI63ff4C6E6ZVC6w7Ak4sZb0253eL8BZHdlgG7ab4MRniigCPafpDpxGgGSpjstlmB5U13LUocSVUYU9m0hQOA54X4ZrtfAaUqu-g9lQAEp4RjTW-9HtBUdzTOCPxKM8V6v9akdr3xQnQaoIGCyyZG6-YL155LjpaaL6VDdAGNFaTFqw-dRao6G7UMI84koeAteX4y2Tvp7Tds3yZda2iAdnreKU59v6QXAvY-x9QnBgtsKVRHPT1928SWXeCG687k_CBrUd_iJPkqyzXnkZDtyxUe3mQlem-QtD0Ywni88O05Z0aZrUcp02QQL7S8LUwKSQDltvQp55FGYL8v1pszp9et-YZPovrQkeMvn3Xst7_Ems8ZqVoT8mqIAIa7VXALk_51Lxm6y8Bnr8uBVYbiolnDlJtkKGZE60Af-VYQDCyke93EuJfi_TbgR0z8Y9P533LvVOvv7i-3rUtE80uThy8MN5Ybl1VMrGfXHDyTM2n-DTR38UvDgKYXo1QyiJZuo7_N47ntQqjBfqKu8KnCB6UFThIG7oNmh4WmnFKL6ww2k5JJkt7Ts9og0o1hc-nAlNq6-qd-QmGcQh0woD3XNBY0IrXipLH24Y9FY2Kvup5j2qW2j_FT3dG1zZdVAzYFKfutTRHTbl5N4HhOyrdjb5YGuJgXN_cI2GqDk3gcahu98mD-NC-0sv8xntrjkIOsoh4QmicalhQMt-Yybc97ukXMQo2KAzgVUL_Ygn3op4bnYQu55Yw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 674B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220725&jk=2071546987259796&bg=!r6ylrOjNAAacadVKvGk7ACkAdvg8WlbvPAYq-wdzzLNOLPfYY0SyvVw5Gyl8poyvE34KNEbpLN-L0wIAAACYUgAAAAloAQeZArzqEheSHw_apEDMiTbdgi1RZedht-XC2nueAZ9ox1JrV-Yl9s9VZBq3Q1A7MsOrDLSOLbmo8lvw9isGEoVqk7OWqnQgN36LjQCAP7a3joXtkNgaannrDJpywAtH-9nqdgWp70i0PhJ3HTCf3yjkQc26P7IRVtZJCxj26I9sW0oHqajoggnOqEAkFIa0Sf5Eg9Q6tDcOyWZAfK7mMLeaxLaLT4KjWlY-owwoviWHALyO5CG4cMFi_rt-fpXkTUZjirj7zMXVWp98R-z_hVFGQJTu6f7rhA-LWIPVd53yO2cWkNWnTLWHJhCX5Si0Rv7j6QpA3tCzlQD_m8f5FXg2OW5guiyadQgEHipG7n0rKJLPEPFz-MBS6CyU2E_44auOOE0hbSgFTykV9567BZbuki6IMqnastz-rnAwczSeke5dGT2b51q-DFKiyurht2DYmWeOFHNj-2E5KDADK5wlh9LhUqIr1C8Zfnvpv4IbXOPXwW7ydA72JLn2K5qyR4B0qTRGU9iEMLd8RgcjCLbD06hOuwv-VKf7VdPUuoa6ZHxlZaLCxLYIJw7czj6WgtmMxrYDGPR-spOmzo1vU9YGHGnWRDCGi245P0IQ6SN5Yw1Y-520W4zOfZcoWgErh3_hfS-kDFA8sfomCmyzi8SFtdHJ_PaNCAVBbWUJl6HT18WSU9PV9VhYughT1jmupw33Fg-3O748ftxAU0Yb7caDHptN4IhENGTp9qNAdu0hxL0CGj48fWtiSgtFB5Oa31PSy-uxeXWThBjxbWQPcUuur48yVrn4YGgw04JhSRCO2v2yvRZkzW2fL-h8A8uFThrm-ACMIlrjPImWtcpcXZHWdkhvZ2_8KZv7j4ml6QT9xBFTcoLIraPIq_uPP82I4fM0i7pu_tYh_VZYv-YZQ3Kqijm3Kl8aS6taDhbAQVov
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame A9CE
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220725&jk=3008588414355440&bg=!v7ylvPjNAAacadVKvGk7ACkAdvg8Wm_fwQyDscPKYHyQ0eeGb-E8G5Ez1Ocl9DelheAVWiex8QUN3gIAAABrUgAAAAJoAQeZAtYvHN5zvX6-GWlNi6QubzSnYXg9B9v53XYrtKnPUVb3Nl1GVvZ1Q16rFb0LHLx8Ckct8pIJW5kfq77mVUeAn06fNwXhe6OGfJzXTt7PjFHTI-dU7ohSQ2L4t62pMh8rIKk2OgJDdNZjfsWjZDKUkH8hGaOIvf5NwXFbY2CXhKWBbveqdXH_7G2uBdZpnrQg-qGz4uf8FkzRQ7b4qoMfPteHG-nyqhmxzGw3Xv9_mI0deidK8OelpygxnYq0-XVq3qfZROqya1dxGyrLlR___r46umSbt60QpFPIgfEF23vdC4xT88wdnuPwiZhAZGiNaQjVcfupc8_vuZBHOsguc-4ththrIRy0P_mef4EgH4ZpIhpHHADSo_WX2DVB4Fni2E-qyDlKku-d9v4j2Iahv75A62W3nh0Cp7LLNQRNX_TWY_ti5zmcIWes51k_ekvY-VaKKWxo8hv0z5BM2aarcGg1js5Ct3cRMCiCgu9u9vWFzBNE_T9N9zMr-G6F5TXETf47g8WgJ83AknHuVYDn5TB5qD2_vO9R8pVmZmVl9RKa291OPlZY5jAeDWL5lKARVQg2tV2z-C0DwLI2J4gwwepK5IxMwpeel35yRvv8BJYWkzoKgOe-yKqvnu1R0Kh762ps_xZC4aC-20NwdwwBM6aoby_ZyyZJxgnYWxHvB8cTkkHr35CSyCTggw9ECmCs9UnIHSzUtBkoBfZH0bihyZ-CsUkByVpn-JSYLBCwbta9uZZrdzMfGv_fKmKOfxyfjZPL8iMCln27YwwciYMmsyBCSHCJ3-ijCpfjUtPCioCBHRjLU9abbdxxV8Dxyp5wzuOYjyRtwn2vOsf_ZIl4-C0GxxnR-GxeHMSPPVo05P07xjBJWic_64HCCJyL5-wSho8eHz7cc08HmhfZi7t-nF2U7_Ar-fK-zMkAwB0Q2FiWzVz22sbi_pZkGjI9vm6Op7laQGHIuDE
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 38AC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOreut0ws24lhW18vUZ5qSoICMne6V6IJRlOM5zSbO0MBSUvmtvq2PMHjwS_v9IblZZQ_0ZLXH_Mw6vOBTGL-d6ntMdd9FwA&sig=Cg0ArKJSzDQyQvk9fOc1EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=608880710&rs=6&la=0&cr=0&vs=4&r=v&rst=1658896867406&rpt=1756&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38AC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpuIc9ibGAV9ndHM36-_oiA_JuHW9zkiAY8h-OmY80cHxKEursDAp_D1YmkdTpJ8YQpqUox0bED9tvMtm9cieHPcgghDBoyeujzzhqu9sfCDOHf4Z22IaTPsGRM9L83LdfPbDPc4ciqNPm&sai=AMfl-YT2ynKouVGMrlv2lnbGtjixw4iXFMt-Gtv5obVE4CWXFQRAwA29ttgZOmCYLnQC0y36cXMy1YAWCw5PCbjNVr4PCRU0XjS8_7vB7k0&sig=Cg0ArKJSzC_1iN947iEmEAE&cid=CAASFeRodB5mvPWEZwMeZsXUUvWwInW8TQ&id=lidar2&mcvt=1003&p=0,0,94,728&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1658896867406&rpt=1752&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvAeg,pingTime:1,time:1312,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1312,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1097~100%5D,as:%5B1097~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:121,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.8aa3631c-6fde-7688-41c7-ce90555ff63f.24_1043867-63145716%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:10 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvAeh,pingTime:1,time:1313,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1313,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1098~100%5D,as:%5B1098~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:121,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.8aa3631c-6fde-7688-41c7-ce90555ff63f.24_1043867-63145716%7C192*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:10 GMT
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvAeh,pingTime:1,time:1313,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1313,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1098~100%5D,as:%5B1098~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:121,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.8aa3631c-6fde-7688-41c7-ce90555ff63f.24_1043867-63145716%7C192*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:10 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 55BA
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5321987192594941898
0
406 B
Document
General
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5321987192594941898
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Wed, 27 Jul 2022 04:41:10 GMT
Etag
05abca02bb8f92fe
Server
VertaMedia 1.0

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 27 Jul 2022 04:41:10 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=5321987192594941898
server
nginx
csync
sync.adtelligent.com/ Frame 783C
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 27 Jul 2022 04:41:10 GMT
Server
VertaMedia 1.0
Etag
909b26b72718bd03
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=05abca02bb8f92fe
Date
Wed, 27 Jul 2022 04:41:10 GMT
Server
VertaMedia 1.0
Etag
05abca02bb8f92fe
Content-Length
0
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvAsS,pingTime:1,time:3060,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D,%7Bpiv:100,vs:i,r:,t:2059%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2053~0,0~100%5D,as:%5B2053~728.90%5D%7D%7D,%7Bsl:i,t:2059,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:11 GMT
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvAsS,pingTime:1,time:3060,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D,%7Bpiv:100,vs:i,r:,t:2059%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2053~0,0~100%5D,as:%5B2053~728.90%5D%7D%7D,%7Bsl:i,t:2059,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:11 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=f746c997-48fb-5063-211f-12458ed950f9&tv=%7Bc:jxvBgL,pingTime:5,time:5311,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:181%7D,%7Bpiv:100,vs:i,t:215%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5311,o:0,n:215,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:181,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:i,t:215,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5096~100%5D,as:%5B5096~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:110,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.10933%7C1921%7C1922%7C1923%7C1924%7C1925%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c321%7C1c33%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1i22%7C1i3%7C1i4%7C1j%7C1k%7C1l1%7C1l2%7C1l31%7C1l4%7C1l5%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n56%7C1n57%7C1n6%7C1n7%7C1n81%7C1n82%7C1n83%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.8aa3631c-6fde-7688-41c7-ce90555ff63f.24_1043867-63145716%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:14 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvBvo,pingTime:5,time:7060,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D,%7Bpiv:100,vs:i,r:,t:2059%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:2059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2053~0,0~100%5D,as:%5B2053~728.90%5D%7D%7D,%7Bsl:i,t:2059,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:15 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 38AC
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1043867&asId=8aa3631c-6fde-7688-41c7-ce90555ff63f&tv=%7Bc:jxvBvr,pingTime:5,time:7063,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:47%7D,%7Bpiv:100,vs:i,r:,t:2059%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5004,o:2059,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:47,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2053~0,0~100%5D,as:%5B2053~728.90%5D%7D%7D,%7Bsl:i,t:2059,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5005~100%5D,as:%5B5005~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tcL8crE+11%7C12%7C13%7C14%7C15%7C16%7C17%7C181%7C182%7C191%7C192*.1043867-63145716%7C1921%7C193%7C194%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c4%7C1c5%7C1d%7C1e11%7C1e12%7C1e13%7C1e2%7C1e3%7C1e41%7C1e5%7C1e6%7C1e71%7C1e72%7C1e73%7C1e74%7C1e75%7C1e76%7C1e77%7C1e8%7C1f1%7C1f2%7C1f3%7C1f4%7C1f5%7C1f6%7C1f7%7C1g%7C1h%7C1i11%7C1i21%7C1j%7C1k%7C1l1%7C1l2%7C1m%7C1n1%7C1n2%7C1n3%7C1n4%7C1n51%7C1n52%7C1n53%7C1n54%7C1n55%7C1n6%7C1n7%7C1n8%7C1o1%7C1o2%7C1o3%7C1o4%7C1o5%7C1o6%7C1o7,idMap:192.f746c997-48fb-5063-211f-12458ed950f9.31_10933%7C192*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b29f:99a2:a424:4d90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:15 GMT
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
tt
a4p.adpartner.pro/ Frame 74D0
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=1&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.48764216165032614
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:16 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 968C
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=2&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:17 GMT
server
nginx
tt
a4p.adpartner.pro/ Frame 562E
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=10&apuid=b4d1de2c-0425-42bf-a28a-34f0c4b01fa6&session_pageview=3&session_id=e113917a-2e06-4742-bb22-74bcca382a4f&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Wed, 27 Jul 2022 04:41:18 GMT
server
nginx
6.gif
dzc-v6exp3-ds.metric.ipv6test.com/v6exp3/ Frame 5B74
35 B
583 B
Image
General
Full URL
https://dzc-v6exp3-ds.metric.ipv6test.com/v6exp3/6.gif?ipv6exp=dzc&p=p4&rnd=cclojpycvqxoa&hmac=frpiaazfjzgerexr&nonce=169914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2012 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT
6.gif
dzc-v6exp3-ds.metric.ipv6test.net/v6exp3/ Frame 5B74
35 B
583 B
Image
General
Full URL
https://dzc-v6exp3-ds.metric.ipv6test.net/v6exp3/6.gif?ipv6exp=dzc&p=p4&rnd=cclojpycvqxoa&hmac=frpiaazfjzgerexr&nonce=169914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2012 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 27 Jul 2022 04:41:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| _gat object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hb_dmx_res object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding function| html2canvas function| _open object| banner1550_89805737921554770 object| google_reactive_ads_global_state object| ap_br_img number| k object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

101 Cookies

Domain/Path Name / Value
.admixer.net/gadx Name: am-uid
Value: e824e270afb04254b83e9c15f6787f57
.admixer.net/bs Name: am-uid
Value: e824e270afb04254b83e9c15f6787f57
.zdorovia.com.ua/ Name: ngTrackID
Value: 8dab85f42dd8f997f357cc3f164fa622
.zdorovia.com.ua/ Name: PHPSESSID
Value: oq4en13n2evqsojs2puutfmaa2
zdorovia.com.ua/ Name: b
Value: b
zdorovia.com.ua/ Name:
Value: store.test
.youtube.com/ Name: YSC
Value: uZM5z1VCyZ8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: DN42axISjjM
.zdorovia.com.ua/ Name: __utma
Value: 148597372.128748108.1658896866.1658896866.1658896866.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1658896866.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1658896866
zdorovia.com.ua/ Name: session_id
Value: e113917a-2e06-4742-bb22-74bcca382a4f
zdorovia.com.ua/ Name: site_visited
Value: 1658983267.1
.admixer.net/ Name: am-uid
Value: e824e270afb04254b83e9c15f6787f57
a4p.adpartner.pro/ Name: apuid
Value: b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
a4p.adpartner.pro/ Name: apudmg
Value: 1
.yadro.ru/ Name: FTID
Value: 1YuC7Y3GUyuN1YuC7Y003NqD
.ads.go2net.com.ua/ Name: am-uid
Value: e824e270afb04254b83e9c15f6787f57
.yadro.ru/ Name: VID
Value: 0Tgr-Q0fJtuN1YuC7Y0035Ez
.doubleclick.net/ Name: IDE
Value: AHWqTUl2YGp9a1295-ej0wNRSPH5vxqsfxFRPcVnYOB3duBHm6HWUFnfcGECSXuJS-c
ads.us.e-planning.net/ Name: CT
Value: 1
.creativecdn.com/ Name: u
Value: EiGH9F70jOz48MRrZHDU
.creativecdn.com/ Name: ts
Value: 1658896866
.e-planning.net/ Name: E
Value: ABmS-bqVGTUX0usZ
.adnxs.com/ Name: uuid2
Value: 3537742351156846993
zdorovia.com.ua/ Name: lapuid
Value: b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
.zeotap.com/ Name: zc
Value: 92c0b2a3-ace6-4819-5acb-3f64edbc7f34
.yahoo.com/ Name: A3
Value: d=AQABBOPB4GICEJFt6Nkc9CPdR1HbEXs0JN4FEgEBAQET4mLqYgAAAAAA_eMAAA&S=AQAAAkYegT3_hYRjQdcCw0qfpGU
.adx.opera.com/ Name: UID
Value: 17cd015aac1149beae74e0ca3418af76
.bidswitch.net/ Name: tuuid
Value: cead257a-d2aa-4ac9-b963-9ead2c2ed025
.bidswitch.net/ Name: c
Value: 1658896867
.bidswitch.net/ Name: tuuid_lu
Value: 1658896867
.analytics.yahoo.com/ Name: IDSYNC
Value: 1985~268s
.tapad.com/ Name: TapAd_TS
Value: 1658896867265
.tapad.com/ Name: TapAd_DID
Value: f4a8c53e-575e-44d9-a932-e49bab2022ce
.adfarm1.adition.com/ Name: UserID1
Value: 7124907791208937627
.demdex.net/ Name: demdex
Value: 89362772558022773962178290293932144422
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tidaltv.com/ Name: tidal_ttid
Value: 37ca7eae-6b59-4bb4-899d-65c41dee4e24
.dpm.demdex.net/ Name: dpm
Value: 89362772558022773962178290293932144422
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 86f4d154-084d-52d0-8d70-f7cfef90362c
.betweendigital.com/ Name: ss
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: sYCBfl0F4Uex36
.casalemedia.com/ Name: CMID
Value: YuDB42scgN9aRkmS8KfOggAA
.casalemedia.com/ Name: CMPS
Value: 4530
.casalemedia.com/ Name: CMPRO
Value: 4530
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NrQ0tDK0MAIADYdWAAkAAAA="
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.exchange.buzzoola.com/ Name: uuid
Value: 178d2b49-b445-47b3-5b42-caeec2e7aec0
.agkn.com/ Name: ab
Value: 0001%3Ae6FIJ5kcA8vAqzN9Yfgg3Ox9CwZ0hUKC
.krxd.net/ Name: _kuid_
Value: O-0jX5qc
.richaudience.com/ Name: avcid-zeo-uid
Value: 92c0b2a3-ace6-4819-5acb-3f64edbc7f34
.openx.net/ Name: i
Value: f4513c08-ea6e-4ff8-9dd6-7c1c7048e099|1658896867
pa.tns-ua.com/ Name: uid
Value: Z31D73EF08E74023BBA1A777E872F2E0
.lemmatechnologies.com/ Name: uid
Value: 54a05b8f-0d66-11ed-9b67-801844df0ab8
.360yield.com/ Name: tuuid
Value: ecfac498-3979-471e-b65e-993bf14ef236
.360yield.com/ Name: tuuid_lu
Value: 1658896867
.fwmrm.net/ Name: _uid
Value: "o2a36_7124907791202511816"
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YuDB4wAB5yVJiwBC
.csync.loopme.me/ Name: viewer_token
Value: abfe110a-bc9a-4cec-aceb-afb183f119a8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8b10a032-56fb-4862-a905-40bcb2a4f76c-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.zdorovia.com.ua/ Name: __gads
Value: ID=a4bfa870ff8372df-228d46aadacd0035:T=1658896867:RT=1658896867:S=ALNI_MYtyBwzyAnxBoSnIpHoHNyNoXANmQ
zdorovia.com.ua/ Name: session_pageview
Value: 1658896868.3
ads.avct.cloud/ Name: uuid
Value: d9f919bc-497f-49b8-b98f-8bee747d24d7
.adtelligent.com/ Name: a319130
Value: abfe110a-bc9a-4cec-aceb-afb183f119a8
.adtelligent.com/ Name: a584890
Value: 3537742351156846993
.adtelligent.com/ Name: a307971
Value: ABmS-bqVGTUX0usZ
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E>vbpsiR!2(5w(<j<n_(4sDQgB8HdX7#UfT:rr2bpkLfSHO[dHu*%l!HW$gmY(yh1%#ZILGds5D3V@2[Rgl?UA!QhEt)H^3U0`p2!@W*+b>dwv]+>U<t/#[Tzxa>I]FW*f=kW*g0D(+2>CV
.adtelligent.com/ Name: a307558
Value: b4d1de2c-0425-42bf-a28a-34f0c4b01fa6
.adtelligent.com/ Name: a297253
Value: 3537742351156846993
.adtelligent.com/ Name: a309255
Value: 1e238c9e-fa76-43e6-ac8c-74e1953411e9
.zeotap.com/ Name: zsc
Value: 8ACt%40%8D%09%B9%83%C0%14%3D%C0y%B47%C9%03%D0%19%CC%ABR%2C%8D%AE%16%8CF%9D%9D%EB7%25%04s%CF%5C%BB-%FF-%CD%BA%E3_w%02%B5ut%FD%9E%81%9B%03%CC%B4S%7B%1B%87%E3%D7%AD%5Db%12%09%EF%E4%D4%26%A3%9B%98%156%E9%84o%9F%C5%C3GZO%ABF%08%94A%5C0%0D%24L%E6%AD%88%FE%05%BC%E3%27%C5%0C%91%10r%04%7F%96%C2%8E%B0%EC8F%DA%00R%BF%3E%B4%E1K%12%BD8H%FDW%CC%08%B0%3C%91%3E%94Z%1C%AA%99%99%14%E9E%0Bq%AA%83%96%22%EB%1B%FE8%7D%BE%9F%0B%28
.adtelligent.com/ Name: a289656
Value: ecfac498-3979-471e-b65e-993bf14ef236
.adtelligent.com/ Name: vmuid
Value: 909b26b72718bd03
.adtelligent.com/ Name: p440467
Value: e824e270afb04254b83e9c15f6787f57
.adform.net/ Name: C
Value: 1
.console.adtarget.com.tr/ Name: vmuid
Value: 05abca02bb8f92fe
.adform.net/ Name: uid
Value: 5321987192594941898
.eyeota.net/ Name: SERVERID
Value: 17212~DM
.adtelligent.com/ Name: a318342
Value: 05abca02bb8f92fe
.admixer.co.kr/ Name: __auid
Value: 283124b7b24196622962cd0d2c590163
.admixer.co.kr/ Name: __puid_103
Value: e824e270afb04254b83e9c15f6787f57
.admixer.co.kr/ Name: __id_utm
Value: 20220727
.admixer.co.kr/ Name: __id_inf_103
Value: 0_e824e270afb04254b83e9c15f6787f57
.audrte.com/ Name: arcki2_TTT
Value: 1658896868606!3h6o8jFb7GJQZWM0CA6TkwJYQ!H4sIAAAAAAAAAB2WyZHEIAxFg/GZKgnEonAQS/4h9KMvPa4xBvH1F1lZ2uT2FOaaTG5OEfycHHvvuvos9ZN2ctlzpZ2Pp3JjJs86U3hZu5adr8YXFjZ97xRzVHY6mqLkwiJW1d0Pm38akm+1lbLNSHZ0Jz9Xku12i65b4/rXlk/zXVO/I6dyGoteYYWPpXnZOv0b686SOemUbMlKa2meoqkNv2dp6Ony5eX3irTUT9RUqp40NUYKdmhR5a41PjH33vtOVUtO1pqnGdHY+PRbx+rl6pdPXcNXTuvw3uJUNhmRZHiMXe+JW79WKHENSV2cmvxEispK9pASuy/fg9u1e9o4QOQtWbaaZr0sv7nqUpGY9tWxFVAt9VFYeVjp3Cm1LDvWmnZH43bDp4LTjg2Ytk/iVpzZbTU3MaWmO7suOZYocqdSKg3qbNd15KFNW+j6+hgZvHoaPCWr+9LgupIW87tzaDn6ad49sixqovfWzNI4QHDz3iuv1fuo34ZGd3HnuxuFe7mwoElacOXIqFajfF0k12iWju0CDo2awzmdcqbN5tH8W6PEnNuSmg9It0ryfjWd4z2fHWPt/IFXL0NXuu+9qQB2ocFXRbfWItrjO64CRy3NWcC5TxapSZqicwf3HsM/zwtKQrU40NNWaYDBnjS02oAQI+53asziOtIunZ3OmWnudZNYsV5LzSXfr2+/2TmuF6o3gUozOPgoXY/doOSGvt51QtrRnlpmdYQCrBd1VY+7ZuzvCLQsEyqePFMZ3N5riaSa2Wx136bfKOoya3+LEFJ/ulONNEdvqhAkZ//er+iFb/dC3/yXFAffqtLqo7vMb1qPJcVTKw9M5Jxmq5Hyqsu2lsu1Ppqzlsi/5vMW2SOdAVvBMEwAbX97mB0olTxKB0zPaQTHORj3fVuV41+ZimouvaNUCnsKDmEnYAvIdlbU79zt2x0WOVe0iiFM8cXtbhkuGa7LF1ofCTebwDc7EMB5mfAdqd6xjVy+1WLM3LlYWzR45wyfwhMn2LFRrtj4chncAxvIT0jFlJomrd577t5nxnrWV3CbenGVBe3fTpCmxGN7y+P4xMlwOsrQUkviIwofT5wVIZy5jnNXVNm+fctu9eSk8zUYzib4DxWmeusedq1+6KFFB0fF0+jd4n2Heb2ZVIlx59SPx4oTXlzrdVkoPIbieWe2U8aEeuvLFbK/3uOW7IS209gP8SZtBCCVXmjwXp1v4Piez8d7miUwBJxgRx7AER/KQZG5pnoanunmNFhLkry6Rm+Pe98cY65MTc0HOEXQuykws13Z0+x55+cD4CFsys9zTXEdbwPYM0DxgETPJ6d2iGPp4tRw3B6s5UmGP3CllXm+W1nhyKPBRahSFjgSVRj+fDf00P7dHLIbnxaBtGXRxZA7UfDRi43u2fuHmm1mQhGTYifsIbmBWHPISyZu2PHpmBiXwUxxEO3lMXMhvtvtEg1xz/wM14gKBMvr49OmJqcmucG/N8+1fFy8DfFngrirjUVHFmBevy/w0F7HDlcUH9D3vkTAS6mJaEtKR8AyFrnwPdsiKV9bJj4+oRKU11RvCeehSp7ftbX3IAxgVSMUseDZhGSrAIjb+7rjw9XID8rdUtipY3KzrZEOGUr+aEe4X6mHzIbUgUeSwZAO+RBFE5dDdi7yILicznW2vKDv4yFGRp6DrVziNgqLMoHmokT+88z8l5R27hlnQPlhJKeNinXW587Q36iBNLcDUe/AdnQh5w+L1Wh8ikJf71BgbBuE+5k3hOhRTKwxjkzTtP55d7EmXLemhn3WYd2fzAfGCeabPvzBhKMwYZLm0K3h3SV3fPxkJU0STCSlGFzS7BCZjI2OjMZifqqDPl59vaWSQqkIgZVvaghGCSITO2TkYujZKSsWbsOfiRHE7La0szyzCPeAv4whLXd0VxXS+cEOz8xtovEq5YNWSk5TMyYJTvPthOc9azp8LvjlJ/mc/UzM28E4NdAdW0BPEMymL1YIxSqCcz/3fg2u/8LPo/zIOBQTinyKAc37OqaEQdnOkIWQUmuCmntHVvI5sxp+NEBHEV99i178RcVWudSaI0gptJyJX1L9TYc0cMCOR6qqhOKQiG94l0lupLOfj1/8yd9YSm86UDTMgCHrxcP7tBFez/EJoOtQYbWjVlEUQe2CEpAPNoHWTRDKeNVpYOmXLGo7GLI6TIZq542tjCL/0aglkbNyt3xinQ/GACYjpFElx6Erf11i/NzMgmS65+961UpxSeuhN8YI6LYgarme79EyGWiAcrlPRsg3f9lmSsYAM4ax8RpM5EU+gsrlcXx7e3n3hDCh11mswKWr2v4y4MvGdbAijmuvd4aMFRP3Rd7fKl99wwPzIdlErFATs/FFF6Uz684uynD+4cQW5BUTyMtg+INTkXw5d2EqvszJ9gOSWABDSAwAAA==
.betweendigital.com/ Name: ut
Value: YuDB5AAKMWDBV6eY_k4lvcTP1xTwnc7u6aCLRA==
.audrte.com/ Name: arcki2_ddp
Value: CAESEI8-CkFQ0KWNEHF0hE0VKeM!20210804!1658896868740
.audrte.com/ Name: arcki2_adform
Value: 5321987192594941898!20210804!1658896868741
.agkn.com/ Name: u
Value: C|0GEAAAAAAKnN-ZQAAAAABAQ13AQCAAQpAAAAAAAEABwAAAAABo2uw__8eAAAAAAAQ6jQAAAAAFAp3LwAAAAAKNLrmAAAAAB96YkAA
.casalemedia.com/ Name: CMTS
Value: 4506
.rlcdn.com/ Name: rlas3
Value: GvmNyc95nX08LeKZ/8NjupXh5QdUTsAEcFBmToZORKY=
.quantserve.com/ Name: d
Value: EGUBCQHbJoEA
.quantserve.com/ Name: mc
Value: 62e0c1e5-40005-6ceef-07306
.audrte.com/ Name: arcki2
Value: 3h6o8jFb7GJQZWM0CA6TkwJYQ!20210804!1658896869296
.rlcdn.com/ Name: pxrc
Value: COWDg5cGEgUI6AcQABIGCOndKhAA
.console.adtarget.com.tr/ Name: a307457
Value: 5321987192594941898

7 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=92c0b2a3-ace6-4819-5acb-3f64edbc7f34&reqId=0747de5b-3532-46c4-7efa-d5a09ffa9ce2&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ads.avct.cloud
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
ap.lijit.com
bcp.crwdcntrl.net
beacon.krxd.net
bidswitch-eu.splicky.com
c.bigmir.net
cdn.admixer.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
content.admixer.net
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.agkn.com
dmp.adform.net
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dzc-v6exp3-ds.metric.ipv6test.com
dzc-v6exp3-ds.metric.ipv6test.net
engine.widespace.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p4-cclojpycvqxoa-frpiaazfjzgerexr-if-v6exp3-v4.metric.gstatic.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
r.i.ua
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
zdorovia.com.ua
104.18.18.126
104.18.19.126
104.18.2.81
104.18.3.81
108.138.17.110
142.250.185.102
142.250.185.130
142.250.186.67
146.0.227.107
146.0.227.109
151.101.194.49
162.55.233.28
168.119.168.187
168.119.9.59
172.217.16.130
172.217.18.2
18.156.0.31
18.192.108.196
183.110.238.136
185.184.8.90
185.46.149.20
185.64.190.78
185.86.137.131
185.89.210.180
188.42.191.196
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
198.47.127.18
199.115.119.227
2001:4860:4802:32::178
205.234.175.175
209.205.207.234
212.129.3.112
212.82.100.182
213.19.147.44
216.52.2.19
23.205.235.133
23.227.139.243
23.35.236.201
23.75.240.210
2600:1f16:e61:3f02:8513:7dd7:332b:6625
2600:1f18:1aca:4280:b29f:99a2:a424:4d90
2600:9000:223f:8e00:8:48e:53c0:93a1
2606:4700:10::6816:1957
2606:4700::6813:ad6c
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::200e
2a00:1450:4001:806::2003
2a00:1450:4001:808::2012
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2006
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2012
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c0c::9b
2a02:6ea0:c700::18
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::300
2a05:d018:24:b001:c8ee:3b80:f7b4:fc56
2a06:8640:464:0:92e2:baff:fe11:5b68
3.120.214.218
3.120.3.232
34.111.131.239
34.245.154.233
34.98.67.61
35.227.248.159
35.227.252.103
35.244.174.68
37.157.2.234
46.249.52.248
46.51.145.3
5.178.65.252
51.38.120.206
52.19.192.193
52.20.189.152
52.205.204.29
52.209.144.248
52.213.127.205
52.222.236.82
52.223.40.198
52.95.126.138
54.155.3.166
54.171.211.68
54.229.168.160
54.38.197.123
54.78.254.47
63.34.135.249
67.202.105.32
69.173.144.139
69.192.160.219
77.123.132.26
8.2.108.175
8.2.110.206
82.145.213.8
83.222.114.186
85.114.159.118
88.212.202.52
91.210.190.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0101e0a81e77f6bfe990cc59ea481aab76f71b4eb6bc5c98dbb72640f2dfb07e
02e6d1166ce99a5ffa51211e739ce661ee3f8d002e478a0711f9b8e9ec23ac6f
06ad599e102d16aead6371fe12111f0639cd995fc0871dcc3c88bf79d6cdabce
088cfd4fab0da3f8535130139894c89cd842378da04544ee086e963222b8a95a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf5de057e5fcf37209325a8d4f4a650209ef357c4ede29f44f46d51c5c9936b
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
107a950e115d98f1054b2fc923ab82288792271f81827d87cee62271f171d719
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
12105b01aca286674473ef81914ba4eb7fd909dda547d2ebbd08457c676e5cc0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
15ef0c65aa8be19d5d1d5333830902a485b3441608d24efb884353da154f5b6d
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
19298322a945cdc2ebbb5a8c965cb28c587fa9a07ba7fc91985861bec759ef8d
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
20ebc17a69a3e036ac776ab4041caa9d4f828ab13bc99deaf94fbb667a77ab00
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b33b34e15f745bdc21ee6ec0de12c13d7bedbc39d2b66c6664e382862260231
2ba588b46c39fc12e1b4abdd8bd8d8d4516c70259bd831017a8ecfff4a2ded72
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dc65860b89577cfe093a91964c5d8c0ca505f600e199b10ae4e034ff0cefbaf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e5725866cc62a4f528fb8d7dd1d4c7827832f9d229077f3e747fbf511230bc6
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
3419a0f24434a57e9f0d7ab4b641b532cbe9924aea2dc73b7bc1b50a95d1f048
366bd4dcbc5cb7bc3af8d7c0d046abdd245b6c33564393d89a7ff5334223faea
3beb702f860a08faa2be7fc4848a398dba0aa23844a10f8609ec3f763dae056d
3c299d85c164bbdd6657d53566dd74cbc349508fc62a174f3674af234a8c0e2e
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
46b0ef7e741ff491d90a9e9fb67bba81f023ff2b07d488fbcda68732a7a7dc26
47d536d82c051d394bbd52deb6886d69a895cc466d9fb6b19fa26a5a13a4d877
47ef0b9822d7e798569241487f9033007c1c1be9a37c957ab028674e26509e16
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
482fa27c6cd458bb4e897ad31c9fba1a2600ede2e55a5c382902c121ee9475cd
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
495424ded4cac179a7c8c091f35faa36b36c1a42c29d8e92b928ad023dec538a
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c790adbed79d5101afa77fb76c05192d6e35e6e7509b91b6db8e288699534df
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f83989b716d6a6ffa798e80070b0a157b5b74944b1e737b8a3a6e5037818339
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d4b4b18e5492eadec3e8f318025e666faa0f9cc56613b8b15974396a6801a0
56b6ef07c6ed9066840f4d57d9390a9e2f5bd9c374db01a5609be23fd08f4529
59ef53dd07557753fbb29097d4a0ce902679eb4b2a892eb18c3fd8f5e325fe4f
5bae28411058bdc317781ecd7eab90fafa25c679a9eea8c325743547782f1feb
5e2b746bc7d2ab132d36c20d63e4cd2cfb10d91fbf9322cd4a05c15050b8b976
5e370949487f77f4ce81d2362b4a745cdad2832c5cc6c0aaa30838dd2969a7f6
5e6dc903eea7912a86fe1321cdb1428d931d39dc75adeec77e40cb07f5aae611
613c912db17259db955bdaaaa31857512b40a64f5fcbccd67c608bbd9ce1a79c
615ca4edcb23412fc1922fde49764b75cb9ee4b407d294b1457ed0a2756ce172
61bdfd54a6b568d5a806fc9347514ca721b887d02f7458bb3b0a15165e9b2612
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6366acaf6b1c668b1512a3e60a20fd035d13d7862c17a9693a4f40a8e88d10f8
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64a30eed5ef4a2b99ad87961c11feea289400aa8c202c40276b9c1c778d73c70
65bb4826e8d4ae1e25cef5cb0fcf3567bc9f00fae362ddb01f55e6c51927f059
660f1ec2ca083ed857b96387b81608a1baa10a8556f36b943ed68c96945e24d1
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ef3dfeae2fa1ca20b5b09a22c9e0c36a44bfe999bf3262c4f5f48801ccbeb34
6f44e0d477c5272c6363d6da77b9825b5eb91ce73fb4f6c2a291619aeb7d01b3
711e216ab3e7aedd8271b2eaa9645e8c15f6dd93ad60bdc72285e57015336711
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
73292de6cdedb85b282697afecc1fff592592d043c0de5f479b8c0ea88c2571a
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
78d43d3f6642730d780f587f964fc7265ef7641493a062f085bf3c83f6beedaf
79f456d547cc724971e9afb0e72f958b88febe39483b76d7855ed04157604377
7d055a46ca72d163a1e5bf69108bd9fd0a2fb324bf17b2556c56f530f97a4279
805a1011538d81274d5136104e9bcd6428d920bf094952b6ee11eb0695c3ca6d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d9acbe3c1868d7f3b6453e8658022986a354f5c36a80cbd68c7491e9590146
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
8f7ef7f5c288c03acaf1da578549dc9dcddb5d0e0afe40df612d9ce3d2cd2397
91240a4d74195d51555316dc1a31aeea5d464e442a2e012ed35e57632098a203
935a7ea852d6b4fea3400af0e6576f8eb7590b94b30eab3036d39c1c494f39bb
98152d185a09fed649566f5d43fc272b336d544a577d01475562388c6c697c8f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9e4f4ae0958978d17fd321121918339d973f55992576b3192fba28d1047df4b6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17b2bd6c73cfc2afa8ba5e7ffeda1f687e7c14050d051ebbd8048b50a4d4271
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a3d9317a1b8c2aa2fb35ecb3abb1915d33bb75665a78cc9b9d04f41064600d93
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a617d51244d828daed8863ee87b550f26372937a064b6e151414c8e30265d338
a9e56cd9fcf2b9999bbd4436073356b9acf7f0b8346f0ddff56d8a901092acb0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
aa34a6edf9e8031e3d1e9bcc351c25af80670d837a9cc6bc408c30618cab7bd1
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
abfde8fdf415962e66c31a475fa8c7929aba9bf645bf2218a08da2845817b16d
ad054d7a20f50c7a7554bb6bc954e76da8c7bbe43d499aaa6e3c6fbe903d7944
ae4511843102b233e7457ded5add74266fac47cf86d59e3ce73777569ead891d
b0806c783ea9cd1c45094170b0f336e25ae67b2b7b130be18167f310f4135a60
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b26f27bb79243e87a9b4c737ca3d6f8cfded9d03823a6a2e4413da9ed8d8395a
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b99911641549a16137cd83a30cf1769beb4cb0b3ee2e94506bfdd0fa8e537545
bea0360538ea5b54559595972ddd9b73a5214ef99396878a920bb5595265b95c
c11a7a39d795e0b853aeffb18440dc46617aef68582804bf60bc76caccc9178b
c17937534b79fd1af365f2e98e4d8262edcb89c02158dc71f54a3dbba8e643df
c1845729106131a090ae9aed41312d0aaa950e749f2d19773aace365576a3c76
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27edad9d08cc1f4a0c405500156d44229522a0efd89305fcd1bb4d361cc2aa5
c281da6b715106cdd1cabe0b633695548b9a42a72c38d1dbd7c92a60292451c0
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c4da88d903e8ed2209a1d052c424216dc4940e6834327662028acc4fbe634510
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe950cf2b964f3aa599a927ca074eec57ee540a4c8255f4ad90df6594aa0bd4
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d87e88b7aadd332252cd54acd7e01872522b29f37925791045579b9a1e36c737
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db65bb29d620a66afff4559ffeed1349dc3654bbbe66092fc8a3177a09f65d2b
dc7f27b7a0905f41416a9892af47f359c573062e9c28337f064aec8dd4af7563
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e289e12a00971b53287bb4ca068d74e259157372d5ed5051f32fec59559eafbf
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e6abd959d0250636ae8a8cd0367eeaefdcb459b3f1fa9a5636e9ba16aabbff08
e6d58896a202947c9f4eebb4b1050ec77a674b1bf9b81fc7b30c37b2561da7ab
e70fd5a92bf2f07bc4c5eda8f8417411835f8a935b2cb5f73a922cad65cddead
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e77074927673ee280742cc1fe5b0dcc1573c46a62cba02241540e3c9306ead1f
e85b3e256e3d9a0d35e808d7fc2f8cac843605082203e8347122ec48233ec200
ea2f1d240d00536d806a049fa2c7b2bc606daca1cfd03b37a81134deb63565e0
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee696b794dc9fce2b6a169ba7ba59216c21715aef65897f4df19020d3ca26c82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0caa9d92eaf74f0d6486888d5dffce099f088c30f6e5a567e3d58ef88e3c41a
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f470890abb6f3f3a73f8137cfefe750e432fb04462995192c7388ea1c7e4fe8b
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f5c1252657d569220b7abaf36abd9d3c30550c7935f1af14d43a358d309c557a
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f94e8a28820779ae32f6699ed4c41bb2197c32360bca72919a55d962db4acf04
fa2ce7b565d7437dd4fc2c2c904e40d206143b6a6097ec5a05d25faf581c8f2f
fcbf86d14d9ef8462b066830a2520cf0a18046ba0256a2532486d5d5e5706d83
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fda6eff292d6c86f327a3648495c7d87830df9cb60d37bdc5085ae26038ca56a
fe636ebc9ab8e42d82751434a70ab25345e6198aba0fcfbd11be9b77b50ae80d