URL: http://zdorovia.com.ua/
Submission: On September 16 via api from GB — Scanned from GB

Summary

This website contacted 86 IPs in 19 countries across 94 domains to perform 630 HTTP transactions. The main IP is 91.210.190.92, located in Ukraine and belongs to AS-EKVIA, UA. The main domain is zdorovia.com.ua.
This is the only time zdorovia.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
56 91.210.190.92 48440 (AS-EKVIA)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a03:90c0:e1:... 199524 (GCORE)
1 104.18.3.81 13335 (CLOUDFLAR...)
3 5 88.212.201.204 39134 (UNITEDNET)
4 2a00:1450:400... 15169 (GOOGLE)
5 27 51.83.220.94 16276 (OVH)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 104.18.2.81 13335 (CLOUDFLAR...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
6 146.0.227.107 20773 (GODADDY)
2 18 146.0.227.110 20773 (GODADDY)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 185.64.190.79 62713 (AS-PUBMATIC)
8 13 37.252.172.249 29990 (ASN-APPNEX)
1 3 185.184.8.90 204995 (RTB-HOUSE...)
4 2a0c:5c81:505... 55081 (24SHELLS)
9 51.38.120.206 16276 (OVH)
1 4 185.172.90.252 49981 (WORLDSTREAM)
2 193.200.65.6 6681 (GIVEME-CLOUD)
2 2 188.42.191.196 7979 (SERVERS-COM)
4 8.2.108.175 46636 (NATCOWEB)
1 3 194.247.175.19 196831 (BEMOBILE-AS)
7 7 3.122.190.231 16509 (AMAZON-02)
4 4 2620:116:800d... 16509 (AMAZON-02)
3 3 83.222.114.190 42632 (MNOGOBYTE...)
1 1 83.222.114.189 42632 (MNOGOBYTE...)
14 29 142.250.185.226 15169 (GOOGLE)
2 2 193.106.95.134 48614 (ITSOFT-AS)
2 2 2a02:6b8::90 208722 (GLOBAL_DC)
2 3 89.108.120.76 197695 (AS-REG)
3 3 217.66.147.162 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
1 1 130.193.58.13 200350 (YANDEXCLOUD)
3 3 199.115.119.227 30633 (LEASEWEB-...)
2 2 35.210.53.219 15169 (GOOGLE)
1 1 188.34.190.28 24940 (HETZNER-AS)
3 3 18.156.0.31 16509 (AMAZON-02)
4 22 104.18.19.126 13335 (CLOUDFLAR...)
4 216.52.2.39 30282 (AS-INAPCD...)
4 185.83.70.70 55081 (24SHELLS)
1 2 159.69.141.123 24940 (HETZNER-AS)
2 8.2.110.206 46636 (NATCOWEB)
1 183.110.238.136 4766 (KIXS-AS-K...)
2 82.145.213.8 39832 (NO-OPERA)
67 2a00:1450:400... 15169 (GOOGLE)
4 2.18.233.180 16625 (AKAMAI-AS)
2 67.202.105.31 32748 (STEADFAST)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 17 62.149.1.122 15497 (COLOCALL ...)
2 4 35.186.253.211 15169 (GOOGLE)
2 2 34.252.105.21 16509 (AMAZON-02)
5 2a02:6ea0:cb0... 60068 (CDN77 ^_^)
3 3 213.19.147.45 26120 (RHYTHMONE)
6 35.71.131.137 16509 (AMAZON-02)
6 18 35.172.39.147 14618 (AMAZON-AES)
12 185.172.90.251 49981 (WORLDSTREAM)
3 3 3.211.112.47 14618 (AMAZON-AES)
9 185.172.90.249 49981 (WORLDSTREAM)
5 5 2.19.35.65 16625 (AKAMAI-AS)
10 23.205.235.133 16625 (AKAMAI-AS)
2 7 104.18.18.126 13335 (CLOUDFLAR...)
3 205.234.175.175 23352 (SERVERCEN...)
32 2606:4700:10:... 13335 (CLOUDFLAR...)
5 77.123.132.42 35680 (VOLIA)
5 185.64.190.78 62713 (AS-PUBMATIC)
4 6 35.227.248.159 15169 (GOOGLE)
5 7 37.157.4.41 198622 (ADFORM)
2 2a04:4e42:400... 54113 (FASTLY)
2 2600:1f18:659... 14618 (AMAZON-AES)
4 4 2a05:d018:24:... 16509 (AMAZON-02)
5 6 52.210.26.59 16509 (AMAZON-02)
2 54.78.254.47 16509 (AMAZON-02)
2 2 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
4 4 34.111.131.239 15169 (GOOGLE)
2 185.15.245.83 24961 (MYLOC-AS ...)
4 7 34.249.7.180 16509 (AMAZON-02)
2 2 212.82.100.182 34010 (YAHOO-IRD)
2 2 52.59.153.178 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
4 52.215.16.237 16509 (AMAZON-02)
2 162.55.233.28 24940 (HETZNER-AS)
3 151.101.2.49 54113 (FASTLY)
2 2 2.18.233.201 16625 (AKAMAI-AS)
2 2 3.231.177.24 14618 (AMAZON-AES)
2 4 54.239.38.253 16509 (AMAZON-02)
2 69.192.160.219 16625 (AKAMAI-AS)
3 3 54.229.14.30 16509 (AMAZON-02)
2 6 69.173.144.139 26667 (RUBICONPR...)
1 3 52.46.143.56 16509 (AMAZON-02)
1 52.213.154.120 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.252.173.22 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 103.229.206.241 30419 (MEDIAMATH...)
2 2 3.123.174.3 16509 (AMAZON-02)
1 1 64.202.112.191 22075 (AS-OUTBRAIN)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 69.173.144.165 26667 (RUBICONPR...)
2 37.157.3.30 198622 (ADFORM)
3 13.248.245.213 16509 (AMAZON-02)
6 108.138.17.110 16509 (AMAZON-02)
3 51.15.145.115 12876 (Online SAS)
18 2a00:1450:400... 15169 (GOOGLE)
1 1 185.183.112.148 60350 (VP)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 142.250.185.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
3 3.124.210.90 16509 (AMAZON-02)
2 35.244.159.8 15169 (GOOGLE)
2 104.96.128.226 16625 (AKAMAI-AS)
71 2a00:1450:400... 15169 (GOOGLE)
2 2 35.157.16.92 16509 (AMAZON-02)
8 142.250.186.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
630 86
Apex Domain
Subdomains
Transfer
100 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
1 MB
71 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
976 KB
53 zdorovia.com.ua
zdorovia.com.ua
1 MB
49 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
179 KB
32 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1707
mwzeom.zeotap.com — Cisco Umbrella Rank: 1669
10 KB
32 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 9079
file.adpartner.pro — Cisco Umbrella Rank: 252886
61 KB
29 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
r.casalemedia.com — Cisco Umbrella Rank: 849
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
23 KB
28 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5432
u-ams03.e-planning.net — Cisco Umbrella Rank: 70836
s.e-planning.net — Cisco Umbrella Rank: 7201
i.e-planning.net — Cisco Umbrella Rank: 7650
12 KB
26 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
token.rubiconproject.com — Cisco Umbrella Rank: 667
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2009
56 KB
24 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 48085
inv-nets.admixer.net — Cisco Umbrella Rank: 2415
103 KB
19 adtelligent.com
s.adtelligent.com — Cisco Umbrella Rank: 5630
sync.adtelligent.com — Cisco Umbrella Rank: 4320
11 KB
18 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2018
16 KB
16 go2net.com.ua
scripts.go2net.com.ua — Cisco Umbrella Rank: 612538
ads.go2net.com.ua — Cisco Umbrella Rank: 243789
313 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
secure.adnxs.com — Cisco Umbrella Rank: 432
11 KB
13 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 838
tags.crwdcntrl.net — Cisco Umbrella Rank: 1273
51 KB
13 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 607
ads.pubmatic.com — Cisco Umbrella Rank: 462
image6.pubmatic.com — Cisco Umbrella Rank: 648
24 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 75
4 KB
9 adform.net
dmp.adform.net — Cisco Umbrella Rank: 5011
cm.adform.net — Cisco Umbrella Rank: 1589
3 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
7 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
5 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
cms.analytics.yahoo.com — Cisco Umbrella Rank: 869
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
3 KB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 40
216 KB
6 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 513
usermatch.krxd.net — Cisco Umbrella Rank: 1103
2 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
6 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
2 KB
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1505
us-u.openx.net — Cisco Umbrella Rank: 396
1 KB
6 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 15634
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 17529
3 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 6352
adservice.google.de — Cisco Umbrella Rank: 9081
2 KB
5 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4808
52 KB
5 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9373
4 KB
4 gstatic.com
fonts.gstatic.com
63 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
175 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
d.agkn.com — Cisco Umbrella Rank: 638
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26264
1 KB
4 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1343
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
1 KB
4 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 30714
tech.rtb.mts.ru — Cisco Umbrella Rank: 31665
3 KB
4 com.ru
rtb.com.ru — Cisco Umbrella Rank: 30780
test.rtb.com.ru — Cisco Umbrella Rank: 246529
5 KB
4 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
cms.quantserve.com — Cisco Umbrella Rank: 1020
2 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 5002
516 B
4 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
107 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 961
4 KB
3 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7453
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
418 B
3 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 10230
642 B
3 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 959
sync.mathtag.com — Cisco Umbrella Rank: 444
2 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
296 B
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2279
804 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
3 lemmatechnologies.com
sync.lemmatechnologies.com — Cisco Umbrella Rank: 6581
1 KB
3 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14652
2 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 104165
642 B
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 660
921 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
37 KB
3 nashamama.com
nashamama.com
40 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1077
344 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
924 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 511
290 B
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2134
721 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
462 B
2 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 20855
305 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1578
1 KB
2 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 109787
1 KB
2 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 7099
648 B
2 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822
822 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 697
216 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
655 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 4104
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2930
836 B
2 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 8824
1020 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 18940
543 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4590
745 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2536
2 KB
2 prodmp.ru
prodmp.ru — Cisco Umbrella Rank: 50874
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2092
1 KB
2 trafmag.com
m.trafmag.com — Cisco Umbrella Rank: 74890
702 B
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 150887
i.bigmir.net — Cisco Umbrella Rank: 296884
1 KB
2 i.ua
i.i.ua — Cisco Umbrella Rank: 479621
r.i.ua — Cisco Umbrella Rank: 161004
4 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
759 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1379
300 B
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
182 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
309 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
425 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
430 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
321 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 17398
904 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 29463
219 B
1 konnektu.ru
pixel.konnektu.ru — Cisco Umbrella Rank: 70140
238 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 748
5 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
9 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
630 94
Domain Requested by
71 s0.2mdn.net zdorovia.com.ua
s0.2mdn.net
67 pagead2.googlesyndication.com scripts.go2net.com.ua
pagead2.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
s0.2mdn.net
www.googletagservices.com
53 zdorovia.com.ua zdorovia.com.ua
33 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
zdorovia.com.ua
s0.2mdn.net
27 a4p.adpartner.pro 5 redirects zdorovia.com.ua
a4p.adpartner.pro
25 cm.g.doubleclick.net 14 redirects spl.zeotap.com
googleads.g.doubleclick.net
23 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
18 dsum-sec.casalemedia.com 3 redirects ssum.casalemedia.com
googleads.g.doubleclick.net
18 a.audrte.com 6 redirects ads.us.e-planning.net
a.audrte.com
zdorovia.com.ua
18 inv-nets.admixer.net 2 redirects scripts.go2net.com.ua
zdorovia.com.ua
ads.us.e-planning.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
15 sync.adtelligent.com 2 redirects s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
13 ib.adnxs.com 8 redirects zdorovia.com.ua
spl.zeotap.com
scripts.go2net.com.ua
googleads.g.doubleclick.net
12 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
vid.vidoomy.com
10 eus.rubiconproject.com ads.us.e-planning.net
s.adtelligent.com
eus.rubiconproject.com
10 scripts.go2net.com.ua zdorovia.com.ua
scripts.go2net.com.ua
9 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
9 s.e-planning.net ads.us.e-planning.net
9 onetag-sys.com ads.go2net.com.ua
s.adtelligent.com
ads.us.e-planning.net
8 googleads4.g.doubleclick.net zdorovia.com.ua
8 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 bcp.crwdcntrl.net 4 redirects tags.crwdcntrl.net
7 dmp.adform.net 5 redirects spl.zeotap.com
7 x.bidswitch.net 7 redirects
6 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
6 dpm.demdex.net 5 redirects ssum.casalemedia.com
6 pixel.tapad.com 4 redirects spl.zeotap.com
6 match.adsrvr.org s.adtelligent.com
spl.zeotap.com
ssum.casalemedia.com
6 ads.go2net.com.ua scripts.go2net.com.ua
zdorovia.com.ua
6 cdn.admixer.net zdorovia.com.ua
scripts.go2net.com.ua
cdn.admixer.net
5 adservice.google.com pagead2.googlesyndication.com
5 adservice.google.de pagead2.googlesyndication.com
5 token.rubiconproject.com eus.rubiconproject.com
5 pixel.rubiconproject.com 2 redirects spl.zeotap.com
eus.rubiconproject.com
5 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
googleads.g.doubleclick.net
5 file.adpartner.pro zdorovia.com.ua
a4p.adpartner.pro
5 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
5 secure-assets.rubiconproject.com 5 redirects
5 vid.vidoomy.com s.adtelligent.com
ads.us.e-planning.net
5 counter.yadro.ru 3 redirects zdorovia.com.ua
5 ajax.googleapis.com zdorovia.com.ua
s0.2mdn.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.googletagservices.com googleads.g.doubleclick.net
4 aax-eu.amazon-adsystem.com 2 redirects ads.us.e-planning.net
4 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
4 idsync.frontend.weborama.fr 4 redirects
4 sync.tidaltv.com 4 redirects
4 rtb.openx.net 2 redirects googleads.g.doubleclick.net
4 ads.pubmatic.com s.adtelligent.com
4 s.console.adtarget.com.tr zdorovia.com.ua
s.adtelligent.com
4 ap.lijit.com zdorovia.com.ua
s.adtelligent.com
4 us.ck-ie.com zdorovia.com.ua
4 ads.us.e-planning.net 1 redirects ads.go2net.com.ua
s.adtelligent.com
4 s.adtelligent.com ads.go2net.com.ua
s.adtelligent.com
4 image8.pubmatic.com zdorovia.com.ua
4 www.youtube.com zdorovia.com.ua
www.youtube.com
s0.2mdn.net
3 ps.eyeota.net zdorovia.com.ua
3 js.cookieless-data.com s.e-planning.net
3 eb2.3lift.com ads.us.e-planning.net
3 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
3 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 3 redirects
3 sync-tm.everesttech.net spl.zeotap.com
ssum.casalemedia.com
3 i.e-planning.net ads.us.e-planning.net
3 ssp.disqus.com 3 redirects
3 sync.1rx.io 3 redirects
3 ssum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 sync.lemmatechnologies.com 3 redirects
3 sm.rtb.mts.ru 3 redirects
3 x01.aidata.io 2 redirects zdorovia.com.ua
3 rtb.com.ru 3 redirects
3 pa.tns-ua.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 creativecdn.com 1 redirects zdorovia.com.ua
scripts.go2net.com.ua
3 www.google-analytics.com 1 redirects zdorovia.com.ua
a4p.adpartner.pro
3 nashamama.com zdorovia.com.ua
2 fonts.googleapis.com s0.2mdn.net
2 d.agkn.com 2 redirects
2 cms.quantserve.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 sync.console.adtarget.com.tr 2 redirects
2 cm.adform.net s.console.adtarget.com.tr
2 pm.w55c.net 2 redirects
2 secure.adnxs.com 2 redirects
2 pr-bh.ybp.yahoo.com ssum.casalemedia.com
2 dsum.casalemedia.com ssum.casalemedia.com
2 tags.bluekai.com spl.zeotap.com
2 usermatch.krxd.net 2 redirects
2 pixel.mathtag.com 2 redirects
2 sync.richaudience.com spl.zeotap.com
2 odr.mookie1.com spl.zeotap.com
2 aa.agkn.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 dmp.theadex.com spl.zeotap.com
2 dsp.adfarm1.adition.com 2 redirects
2 bn01.er.bemail.it 2 redirects
2 loadeu.exelator.com spl.zeotap.com
2 dmp.v.fwmrm.net spl.zeotap.com
2 trc.taboola.com spl.zeotap.com
2 ad.360yield.com 2 redirects
2 ic.tynt.com s.adtelligent.com
2 t.adx.opera.com zdorovia.com.ua
scripts.go2net.com.ua
2 cs.mobfox.com zdorovia.com.ua
scripts.go2net.com.ua
2 exchange.buzzoola.com 1 redirects zdorovia.com.ua
2 pool.admedo.com 2 redirects
2 an.yandex.ru 2 redirects
2 prodmp.ru 2 redirects
2 pixel.quantserve.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 m.trafmag.com zdorovia.com.ua
1 p.rfihub.com 1 redirects
1 sync.adotmob.com 1 redirects
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 casale-match.dotomi.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ad.turn.com 1 redirects
1 match.prod.bidr.io ssum.casalemedia.com
1 csync.loopme.me 1 redirects
1 idsync.admixer.co.kr zdorovia.com.ua
1 r.casalemedia.com zdorovia.com.ua
1 bidswitch-eu.splicky.com 1 redirects
1 pixel.konnektu.ru 1 redirects
1 tech.rtb.mts.ru 1 redirects
1 test.rtb.com.ru 1 redirects
1 www.google.de zdorovia.com.ua
1 stats.g.doubleclick.net 1 redirects
1 static.xx.fbcdn.net www.facebook.com
1 i.bigmir.net zdorovia.com.ua
1 c.bigmir.net 1 redirects
1 www.facebook.com zdorovia.com.ua
1 r.i.ua zdorovia.com.ua
1 i.i.ua zdorovia.com.ua
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
630 135

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
www.bigmir.net
www.i.ua
www.liveinternet.ru
Subject Issuer Validity Valid
*.go2net.com.ua
Sectigo RSA Domain Validation Secure Server CA
2021-11-15 -
2022-12-05
a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-25 -
2022-09-23
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
adpartner.pro
R3
2022-09-04 -
2022-12-03
3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-07-31 -
2022-10-29
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
ads.us.e-planning.net
R3
2022-07-12 -
2022-10-10
3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-14 -
2023-06-14
a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2
2021-11-12 -
2022-12-14
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA
2022-07-27 -
2022-10-25
3 months crt.sh
*.mobfox.com
R3
2022-06-28 -
2022-09-26
3 months crt.sh
*.admixer.co.kr
GeoTrust RSA CA 2018
2022-04-29 -
2023-05-01
a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-07 -
2023-09-30
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-07-28 -
2022-10-26
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-01 -
2023-10-02
a year crt.sh
*.audrte.com
Amazon
2022-02-24 -
2023-03-24
a year crt.sh
*.e-planning.net
R3
2022-07-25 -
2022-10-23
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-24 -
2023-06-23
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-23 -
2023-02-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-13 -
2022-10-14
a year crt.sh
dmp.theadex.com
R3
2022-08-26 -
2022-11-24
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1
2022-02-03 -
2023-03-07
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-14 -
2022-12-07
6 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-23 -
2023-03-22
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
juke.mmi.tns-ua.com
R3
2022-07-19 -
2022-10-17
3 months crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
eyeota.net
GoGetSSL RSA DV CA
2022-03-18 -
2023-03-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
teads.tv
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-29 -
2022-11-21
3 months crt.sh

This page contains 117 frames:

Primary Page: http://zdorovia.com.ua/
Frame ID: CB3F03901148F6F413CC2F1CDC132170
Requests: 128 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Frame ID: 82E601D5D1DE887D077EE7644B3449E8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 8FA47B1CE6B798143EDCABFC8DC36A4B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: AEF2B0BC3D0B3A757FCD959929F6356B
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Frame ID: CE136DF2ADCDF7A42127CDE01DB3DC9F
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=1214764331083829&apuid=0d336ee3-ed74-47bc-8876-905c246583d3&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 5C41BDF2E39787CA40D5E63F1901473A
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: 8EE1A1D12A41E15FABB0D08C78DAC8EE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 793066FE7FD95D9DCAEF31DF69DDE5F1
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: 2076F7841D0703354B2A39AF40FF0259
Requests: 9 HTTP requests in this frame

Frame: https://scripts.go2net.com.ua/scripts3/loader2.js
Frame ID: 3C8E8424553C19FD80FF82CE5D6CC673
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 7AB479CCCACAB226F5CB29C15F026753
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B8F1E0FAC18156FD260B2EA6678B18B8
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: B85F3751D25D81F747FB3C10F0C0691D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 071CA9D61F0F96517CA0A3C0437930D6
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 5CCB503E13EABAC7781E9EA720B5E9FB
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 5698698276CD822615809FED6E073B91
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 94C512BDE3D1ECE03075DA8F62AF826D
Requests: 9 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 969F6CB2EDB2BB5590EB33F6B8469997
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=fd785e3b-bc6f-4be1-93d0-097caab5bc15
Frame ID: BB9B45F94B884391D94452CDC5134DD4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 44681C58FD6F29024F1CEFCBB13984A7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 6CE231188F00F2AA574E33712961AD68
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Frame ID: 70E64509FD3E9BFDD7B11007CE19CCE7
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 3D927DE13F081D462B52254F7032568F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: DA4EA2C89D86932EE86ED467E9FD9679
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&cmp=0
Frame ID: 4F39F66A618CA15BC5BD28FBB340D490
Requests: 32 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 8C4414DCAB6FF517BC998E91A54950F7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: E5B49508BA808A4A0422C9D689143FEB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: FFC49C2DABAFBF06626E24F30EC9EFF6
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: A748EE5A1681580781A4A9FD0E9CDAA0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 7ED218FC8AE3C998CD4395F7DF6317F3
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Frame ID: 51EE38769E9CB02F6C14601444F2DAE9
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 4B65BEC86B800AD201164D753C8B2DD6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 8FCAAFBA9CDEB9026C3579F3F1F36253
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&cmp=0
Frame ID: 49C5E8E21D145E279C683C0A05F172D6
Requests: 32 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 352FF08DADA6C826A32C62DF9BDF1E55
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: DDBD6422BA021224D9E6FB0BE4A44605
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 6D6143CF4605AB7147374FEC64B7F251
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 1D088DA5CDAA132D082D3D990F0BBCEE
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 94F14E1C6221C73FC5AD10C69EF22A38
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=9d12aa55d264e60e&uid=f480e52263601e65ea80c40c597af449
Frame ID: 4698D162373EC452AECD558EC98C2253
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: AFFA5EE77E6C9B07D40F50A940A4CE92
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFybZRbaGnUbfu8Z
Frame ID: 87070A2B527803EBC8D291B81F3D15EF
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: 4A03025064176B330AF3A950E4700B78
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: AC951491EB9516688A1E5B5BC6ED4E64
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=9d12aa55d264e60e&uid=f66c2b0869940a26a878505394b8e720
Frame ID: 66CD3E3A1085AFA3D32371BEBBD9A13B
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 916C35AEA428596EC31F083DE9FFEC0D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFybZRbaGnUbfu8Z
Frame ID: 8FE25E82A7713F33B745DCF11E827FBF
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 98289050F91C197FD8D2BC2CEE973D92
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 901D05D3510835E86DA22B8FA8978EFA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: B1B1B70ABA0964953BEBD6C624451721
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Frame ID: 3DD96AEF4BCCA9273EB6BA916999386F
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Frame ID: EC3D19D4CC3E5C207F085375A820F769
Requests: 9 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=707176
Frame ID: B73F9B4D3DD6D7E5FF986349720AC0F9
Requests: 5 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 830AFBBEE4B0F58B305F03E3FE30B669
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 5CEBEDD3D39030BE5AED6E50C76EC159
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 225734EC8D8357AC114FC2DC9638AC58
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 2C4243DC4D858DF0934F71F04C2C653E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 76F231D061F9DA782E2CF705C09DDE5A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 672EEBF1449DDA6966E371BD9714E9BC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 52266155F1430C70575CA32598528122
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Frame ID: EA32A1C3352DDD1EFB2533811AD1388E
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 1F7BB83B7224028BEFC6876BEC0DF95D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 51E0DC7ECD5BA3C7E8BCC277ED9BE606
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361&cmp=0
Frame ID: 41B5933A070A806FBAA6DE5C8F6C6273
Requests: 4 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_1214764331083829&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F5da022c4-834d-47d9-995b-c38a3c734f90%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3f99791fabf2ef55bee6a29f3f2178a0
Frame ID: 48A3E27850E444D731A13C2B19154586
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: 6066E0692CA114E7DF32BECB4F244142
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Frame ID: BDDC26B1342C2C04C68136CF048A9C4E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 52528D7B287D9F3D85CD53C4C9D789B1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Frame ID: 7CA0F8942CB6C0FE861681BCADF4C2C3
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 63E04EAF6123199A32EAE65D1FB68E3E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: E9105D195426E41457F43E6730CCF856
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 1B9A131AED9DF0251744B613F8B77E4D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: B8D238C0FD5B022D14BB02B9C33651D0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Frame ID: DE21D61DDF72B4123B0AAF5C7CD4542B
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 9046D6819BD218BBA7AFD3B543D70154
Requests: 2 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=d492d92fa9f9922a&uid=f480e52263601e65ea80c40c597af449
Frame ID: 87CB432EBDA3221E275D0B218A602B15
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D67DF7B5F9BC40D98C1CF5613B65C1EC
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFybZRbaGnUbfu8Z
Frame ID: A461F3EC3E8CDBF726F2104E20F52534
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Frame ID: D3B8347320E3EEEBC269B0AE790227ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Frame ID: 9D20F7694F109F7E022C0D656B85FB12
Requests: 15 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2b9bc3e6-9738-4c83-aa4c-135450afdb16%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiMmI5YmMzZTYtOTczOC00YzgzLWFhNGMtMTM1NDUwYWZkYjE2IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3dafa742c51e8f59978e384dd2cb120a&showId=2b9bc3e6-9738-4c83-aa4c-135450afdb16&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Frame ID: 568BCD5295C42A12DDBFFE519D322FFF
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: B48EA5C911B5AEE82E954E77A7CA85F2
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: F11DD49A0A6714DD8FFDC19E385C1B07
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Ff222f845-5c88-4a56-83d3-6d9eb3361a64%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiZjIyMmY4NDUtNWM4OC00YTU2LTgzZDMtNmQ5ZWIzMzYxYTY0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D7643146b7bda97bf21f38fddcbbae689&showId=f222f845-5c88-4a56-83d3-6d9eb3361a64&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Frame ID: A8B730C647A00D052051121D7E73B4EA
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: 18463E1F186C46DF9605870BDB41F45A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Frame ID: DF81451D436830C8852D3FAEC96576AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Frame ID: C4189A74025BF513FA1FFBA287FDAA2B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Frame ID: F442265FCED8E86FFA7629045D330EFB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Frame ID: 9073C445332B069C13D19331F97E3BCB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 84B651895F32AFE10D5EBD28D9A46CAF
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 27B83417AC414F09AC03342B726575AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A40969760A424E6B958C6638B0E46770
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Frame ID: 9E8144C992374A457E6340D20B7CAE0B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1643D99C26654EDE91D15316BE7A6093
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 203274BF5AC86FBCB3C2FAC51DCF1375
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336992&bpp=13&bdt=119&idt=220&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2499671178418&frm=8&ife=1&pv=2&ga_vid=69173635.1663304337&ga_sid=1663304337&ga_hid=1111988166&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3900141726&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=3083802158083473&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.4inljfa8vab0&fsb=1&dtd=233
Frame ID: 019DFFF6A9E9D2C8A00C47E908131278
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNXA4UV0IMgu3murVA5Sfba-GUFlS4AtskTNZU0nz2fvLvu0PyJ5ya5UQrAo6EMJ2DjgmiqKmCybe9tl_z1ig-0s6q51fg
Frame ID: D8AEE118F9212CC801C3550F7E2B99B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVbwEGQ3oV4hALj1drJGOsxavVrWtN9NpHldABLTf5WY0nIY0K2tzqaalHb-tSTXW3VoK6xiRb2dRt5w83KaG9auER3Ow
Frame ID: 6EB3C6548EF21B98109814C23FA4D6CF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 778BFE242EB5F9652FAB17AD50E5A808
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304337241&bpp=13&bdt=141&idt=251&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=1832594280039&frm=8&ife=1&pv=2&ga_vid=1495455549.1663304337&ga_sid=1663304337&ga_hid=1570198590&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2357944085&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44770881%2C31067825%2C31062931&oid=2&pvsid=1509434242826946&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.s5sqx25yg99l&fsb=1&dtd=256
Frame ID: ABECC9239A26FCD5120B3168F6DBDA7D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 445FD714DD2BFD0E434CC96E909081C8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D81F73F8D403EA6491DBF69EB495D96
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2415DB7B7F4CE280B7546C3C288F6A9E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Frame ID: D08C678FD8D9BB72910C5AEA7745776D
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Frame ID: 9268C3AFB1F560FA4B88C4355F89E814
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CBFB632FBAC10C26299813243193339
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Frame ID: 11312C83EC4172CB786F96AA97CD683E
Requests: 22 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Frame ID: 4DB145E850B15DE848C56776D453A3E3
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0945E0D8AD213F323CF6BE7A55F7A663
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 580BA0A36BB60643F32EF4EC7788D4CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 871C5AA5B18670D1D2411F52C2639976
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36E96832D4D26362E58BE9D9EC951C19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0153FC0022071A5623919E8A07CB4854
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: F888041A9DBABA7F0414071CA38DBBE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 74DC7937FCDCF845DB496BCFD1E298FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7676A5604B220F2775A6DA9307E291F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A663281D20F0A094418BA44D4642DFAD
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Новини здоров'я, лікування та здорового харчування та очищення

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

630
Requests

74 %
HTTPS

23 %
IPv6

94
Domains

135
Subdomains

86
IPs

19
Countries

5443 kB
Transfer

11302 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • http://a4p.adpartner.pro/branding?id=1550&0.2421288073068555 HTTP 301
  • https://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Request Chain 58
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 59
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.29403753216014983 HTTP 302
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.29403753216014983 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.29403753216014983
Request Chain 66
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n825354&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/01.png
Request Chain 76
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=228570720&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1302820987&utmr=-&utmp=%2F&utmht=1663304335055&utmac=UA-37123827-1&utmcc=__utma%3D148597372.821327299.1663304335.1663304335.1663304335.1%3B%2B__utmz%3D148597372.1663304335.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1879263747&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=228570720&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%2C%20%D0%BB%D1%96%D0%BA%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D0%BD%D0%BD%D1%8F%20%D1%82%D0%B0%20%D0%BE%D1%87%D0%B8%D1%89%D0%B5%D0%BD%D0%BD%D1%8F&utmhid=1302820987&utmr=-&utmp=%2F&utmht=1663304335055&utmac=UA-37123827-1&utmcc=__utma%3D148597372.821327299.1663304335.1663304335.1663304335.1%3B%2B__utmz%3D148597372.1663304335.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1879263747&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720&slf_rd=1&random=141833702
Request Chain 83
  • https://ib.adnxs.com/setuid?entity=533&code=03337a22247c447183df7f77147c217e HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D03337a22247c447183df7f77147c217e
Request Chain 84
  • https://creativecdn.com/cm-notify?pi=admixer HTTP 302
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
Request Chain 90
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Request Chain 92
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b29245f0-daff-5203-9cb5-4042ff9142cd
Request Chain 95
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZB7106CC00F543EB981CBFE02EE4FE7C&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
Request Chain 96
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=03337a22247c447183df7f77147c217e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=03337a22247c447183df7f77147c217e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=admixer&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=admixer&&user_id=pxZ0qqEXfvi8QHD6qEBrqvMWIvu8F3P_9BZ7P0tu HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab&gdpr=&consent=&gdpr_pd=
Request Chain 97
  • https://rtb.com.ru/admixer-sync?uid=03337a22247c447183df7f77147c217e HTTP 302
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=03337a22247c447183df7f77147c217e HTTP 302
  • https://test.rtb.com.ru/?https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6324028fa62fbd543480d237&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6324028fa62fbd543480d237%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D6324028fa62fbd543480d237%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D6324028fa62fbd543480d237%252526i%25253D8251799616152884530%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D6324028fa62fbd543480d237%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D6324028fa62fbd543480d237%2525252526nc%252525253D8851316988373735775%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D6324028fa62fbd543480d237%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FtWJQjXw2e3WiSdJD3PFRZW%2525252525253Fsign%2525252525253D3693408933%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D6324028fa62fbd543480d237 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6324028fa62fbd543480d237&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6324028fa62fbd543480d237%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D6324028fa62fbd543480d237%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D6324028fa62fbd543480d237%252526i%25253D8251799616152884530%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D6324028fa62fbd543480d237%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D6324028fa62fbd543480d237%2525252526nc%252525253D8851316988373735775%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D6324028fa62fbd543480d237%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FtWJQjXw2e3WiSdJD3PFRZW%2525252525253Fsign%2525252525253D3693408933%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D6324028fa62fbd543480d237 HTTP 302
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6324028fa62fbd543480d237%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D6324028fa62fbd543480d237%2526dest%253Dhttps%25253A%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D6324028fa62fbd543480d237%252526i%25253D8251799616152884530%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D6324028fa62fbd543480d237%25252526ru%2525253Dhttps%252525253A%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D6324028fa62fbd543480d237%2525252526nc%252525253D8851316988373735775%2525252526url%252525253Dhttps%25252525253A%25252525252F%25252525252Fadx.com.ru%25252525252Fadspend-sync%25252525253Fuid%25252525253D6324028fa62fbd543480d237%252525252526r%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Fan.yandex.ru%2525252525252Fsetud%2525252525252Fadspend%2525252525252FtWJQjXw2e3WiSdJD3PFRZW%2525252525253Fsign%2525252525253D3693408933%25252525252526location%2525252525253Dhttps%252525252525253A%252525252525252F%252525252525252Ftop-fwz1.mail.ru%252525252525252Fcounter%252525252525253Fid%252525252525253D3138228%252525252525253Bpid%252525252525253D6324028fa62fbd543480d237&google_gid=CAESEGk5cMeD8sAGyapRlxxf5_4&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=6324028fa62fbd543480d237&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6324028fa62fbd543480d237%2526i%253D8251799616152884530%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6324028fa62fbd543480d237%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6324028fa62fbd543480d237%25252526nc%2525253D8851316988373735775%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D6324028fa62fbd543480d237%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FtWJQjXw2e3WiSdJD3PFRZW%25252525253Fsign%25252525253D3693408933%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D6324028fa62fbd543480d237 HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=6324028fa62fbd543480d237&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6324028fa62fbd543480d237%2526i%253D8251799616152884530%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6324028fa62fbd543480d237%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6324028fa62fbd543480d237%25252526nc%2525253D8851316988373735775%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D6324028fa62fbd543480d237%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FtWJQjXw2e3WiSdJD3PFRZW%25252525253Fsign%25252525253D3693408933%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D6324028fa62fbd543480d237&dsp_provider_id=2 HTTP 302
  • https://prodmp.ru/li?guid=A6B2DCFBAB7C5C8D7580&uid=6324028fa62fbd543480d237&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6324028fa62fbd543480d237%2526i%253D8251799616152884530%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6324028fa62fbd543480d237%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6324028fa62fbd543480d237%25252526nc%2525253D8851316988373735775%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D6324028fa62fbd543480d237%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FtWJQjXw2e3WiSdJD3PFRZW%25252525253Fsign%25252525253D3693408933%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D6324028fa62fbd543480d237&dsp_provider_id=2 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/6324028fa62fbd543480d237?sign=ac83efa5&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6324028fa62fbd543480d237%2526i%253D8251799616152884530%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6324028fa62fbd543480d237%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6324028fa62fbd543480d237%25252526nc%2525253D8851316988373735775%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D6324028fa62fbd543480d237%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FtWJQjXw2e3WiSdJD3PFRZW%25252525253Fsign%25252525253D3693408933%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D6324028fa62fbd543480d237 HTTP 302
  • https://an.yandex.ru/mapuid/dmpmediadesk/6324028fa62fbd543480d237?redir-setuniq=1&sign=ac83efa5&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D6324028fa62fbd543480d237%2526i%253D8251799616152884530%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D6324028fa62fbd543480d237%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D6324028fa62fbd543480d237%25252526nc%2525253D8851316988373735775%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D6324028fa62fbd543480d237%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252FtWJQjXw2e3WiSdJD3PFRZW%25252525253Fsign%25252525253D3693408933%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D6324028fa62fbd543480d237 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=6324028fa62fbd543480d237&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6324028fa62fbd543480d237%26i%3D8251799616152884530%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D6324028fa62fbd543480d237%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D6324028fa62fbd543480d237%252526nc%25253D8851316988373735775%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D6324028fa62fbd543480d237%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FtWJQjXw2e3WiSdJD3PFRZW%252525253Fsign%252525253D3693408933%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D6324028fa62fbd543480d237 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=6324028fa62fbd543480d237&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6324028fa62fbd543480d237%26i%3D8251799616152884530%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D6324028fa62fbd543480d237%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D6324028fa62fbd543480d237%252526nc%25253D8851316988373735775%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D6324028fa62fbd543480d237%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252FtWJQjXw2e3WiSdJD3PFRZW%252525253Fsign%252525253D3693408933%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D6324028fa62fbd543480d237&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=8%2FILLxxITMzNTaqphaEqEw HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=8%2FILLxxITMzNTaqphaEqEw HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=42a5ce4e-d564-45cf-8191-7b55002be835&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253D8%25252FILLxxITMzNTaqphaEqEw%2526id%253D%257BUSER_ID%257D HTTP 302
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D8%252FILLxxITMzNTaqphaEqEw%26id%3D%7BUSER_ID%7D HTTP 302
  • https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=8%2FILLxxITMzNTaqphaEqEw&id= HTTP 301
  • https://x01.aidata.io/0.gif?pid=9503528&uid=42a5ce4e-d564-45cf-8191-7b55002be835&exu=8%!F(string=%20%20)ILLxxITMzNTaqphaEqEw
Request Chain 98
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D03337a22247c447183df7f77147c217e HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=447817a9-357c-11ed-9c9a-801844df0ab8 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b15d8276-1ccc-41d0-b053-b1bc5140311c&user_group=1&ssp=lemma&bsw_param=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=447817a9-357c-11ed-9c9a-801844df0ab8 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=03337a22247c447183df7f77147c217e447817a9-357c-11ed-9c9a-801844df0ab8
Request Chain 99
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=fa1cf96d-c1be-40d4-8920-8069ad084f22
Request Chain 101
  • https://ups.analytics.yahoo.com/ups/58613/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-kzFYp8VE2uGWy2E_9mZbgREwgQaW3yz7LeVHTKM-~A
Request Chain 102
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
  • https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Request Chain 106
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=03337a22247c447183df7f77147c217e HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=03337a22247c447183df7f77147c217e
Request Chain 115
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 125
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=fd785e3b-bc6f-4be1-93d0-097caab5bc15
Request Chain 127
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2005152939204637518
Request Chain 128
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Request Chain 129
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=dba56ad9-e36e-4d43-8aa8-386b18c3abb6
Request Chain 131
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=20592c7d-2baa-40f9-9551-7be52e5405ac
Request Chain 133
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1663304335616 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1010568365
Request Chain 134
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2005152939204637518
Request Chain 135
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Request Chain 137
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9d12aa55d264e60e%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Request Chain 138
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9d12aa55d264e60e%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Request Chain 140
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 141
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Request Chain 149
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9d12aa55d264e60e%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Request Chain 150
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9d12aa55d264e60e%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Request Chain 153
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 156
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 157
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Request Chain 167
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 173
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 174
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 176
  • https://bn01.er.bemail.it/zeotap.php?_bid=e8d8fc41-c8ef-4b97-772d-4828258455d1&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-90602-0.931982001663343701-7f3d78b705e588af0581511566eb91e1&zdid=533&env=mWeb
Request Chain 177
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7143837726424168594&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 179
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e8d8fc41-c8ef-4b97-772d-4828258455d1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e8d8fc41-c8ef-4b97-772d-4828258455d1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361&bounce=1&random=1205012228 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 181
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e8d8fc41-c8ef-4b97-772d-4828258455d1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e8d8fc41-c8ef-4b97-772d-4828258455d1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 182
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
Request Chain 183
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC2O9CAs%2BQPA4M2T21YZvZz1%2BS41iYitP1U%3D
Request Chain 188
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=22b86324-0290-4b00-8a57-7eda1042df23&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 189
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 190
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&dcc=t
Request Chain 192
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Request Chain 197
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 203
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 204
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 206
  • https://bn01.er.bemail.it/zeotap.php?_bid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-32349-0.928747001663343701-289c4617a65cd3ae0b8d9e835472f018&zdid=533&env=mWeb
Request Chain 207
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7143837726416631963&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 209
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361&bounce=1&random=1502105832 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 211
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 212
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
Request Chain 213
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYqO9CAs%2BQPA4A%2BTdiIz8ijO%2BS41iYitP1U%3D
Request Chain 218
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d3d56324-0290-4600-8487-1b8e07595191&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 219
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 220
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&dcc=t
Request Chain 222
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Request Chain 227
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&dcc=t
Request Chain 228
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENEZjw-wfDr8GB_Hoya5tBg&google_cver=1
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Request Chain 232
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Request Chain 233
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2005152939204637518
Request Chain 236
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Request Chain 237
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7782151775803717278
Request Chain 238
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76c56324-0290-4800-b067-0a9bfa0854f1
Request Chain 240
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vw5pkCYS1Oz3ri5
Request Chain 241
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Request Chain 242
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663390736
Request Chain 243
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=HFCgzRpRqp8HBqSdSVW_nxpao50HAKOdSFdI_Vej
Request Chain 252
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Request Chain 274
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434 HTTP 301
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Request Chain 299
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd492d92fa9f9922a%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=d492d92fa9f9922a&uid=2005152939204637518
Request Chain 300
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dd492d92fa9f9922a%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=d492d92fa9f9922a&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Request Chain 306
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1179679028
Request Chain 310
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Request Chain 311
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Request Chain 325
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 328
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3D64b58b70-02f2-46bb-52c8-8ebb872e32fb%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
Request Chain 332
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1
Request Chain 334
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
Request Chain 335
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 336
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Request Chain 337
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624293210505
Request Chain 340
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Request Chain 388
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5779408179993637899 HTTP 302
  • https://a.audrte.com/p
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418gkUcdmqxRESiRagu8T5qQg&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418gkUcdmqxRESiRagu8T5qQg&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 407
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7243443043593630516 HTTP 302
  • https://a.audrte.com/p
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 416
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Request Chain 417
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Request Chain 418
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENlxP6FSmJLBzk-YiRRKDkM&google_cver=1
Request Chain 419
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNTE1MjkzOTIwNDYzNzUxOA%3D%3D
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvTTBbwHYTihb2EPZHRKo8&google_cver=1
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGx4FxUG3g84H-g3ipbFc60&google_cver=1
Request Chain 467
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOOn63DHp-2lg8F2k6yUTgE&google_cver=1&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrElC04a31G5m4CIomaGDiqd5fzm_l1XaZL7QrxMHAqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrElC04a31G5m4CIomaGDiqd5fzm_l1XaZL7QrxMHAqw&google_hm=fczD8cWTRSmqIp5tFUwNmw
Request Chain 468
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELeZGNe1usFeiQg6Lwxqthk&google_cver=1&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Request Chain 471
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJT4YAJtVJ-i_lpHyr_5V0&google_cver=1&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Arunss-tW0O6nizvZsipCzklCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHUzItMjMtMUoyRQ==&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Arunss-tW0O6nizvZsipCzklCA
Request Chain 479
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOOn63DHp-2lg8F2k6yUTgE&google_cver=1&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL6T69m29XbX89gVcBDagzIx4kZmhAfxPlSei01uiJ0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL6T69m29XbX89gVcBDagzIx4kZmhAfxPlSei01uiJ0&google_hm=fczD8cWTRSmqIp5tFUwNmw
Request Chain 480
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELeZGNe1usFeiQg6Lwxqthk&google_cver=1&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Request Chain 483
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJT4YAJtVJ-i_lpHyr_5V0&google_cver=1&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heWlAvIwk6GhwUFxo_2Zhahqarx6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHVEktMVktQ0JMNQ==&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heWlAvIwk6GhwUFxo_2Zhahqarx6
Request Chain 523
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7243443043593630516 HTTP 302
  • https://a.audrte.com/p
Request Chain 524
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1 HTTP 302
  • https://a.audrte.com/p

630 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zdorovia.com.ua/
88 KB
22 KB
Document
General
Full URL
http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
8010d6b4630d23a2de268637bd716adb89d21e8070d2744c13d8eec283e72964

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=Windows-1251
Date
Fri, 16 Sep 2022 04:58:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.12.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.45-0+deb7u14
cache-control
private
video-js.min.css
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
38 KB
39 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video-js.min.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-9996"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39318
Expires
Sun, 16 Oct 2022 04:58:54 GMT
videojs-ie8.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/
27 KB
27 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/ie8/videojs-ie8.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6a8f"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27279
Expires
Sun, 16 Oct 2022 04:58:54 GMT
video.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/
267 KB
267 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/video.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-42b5b"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273243
Expires
Sun, 16 Oct 2022 04:58:54 GMT
youtube.min.js
zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/
12 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-30ec"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12524
Expires
Sun, 16 Oct 2022 04:58:54 GMT
core-mama.css
zdorovia.com.ua/templates/default3/css/
64 KB
64 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10047"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65607
Expires
Sun, 16 Oct 2022 04:58:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 02:58:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
7240
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30082
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 16 Sep 2023 02:58:14 GMT
jcarousellite_1.0.1_mod.js
zdorovia.com.ua/templates/default3/css/
4 KB
5 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/jcarousellite_1.0.1_mod.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-10d9"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4313
Expires
Sun, 16 Oct 2022 04:58:54 GMT
scripts.js
zdorovia.com.ua/templates/default3/css/
16 KB
16 KB
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/css/scripts.js?ver=3.3.2
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-4055"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16469
Expires
Sun, 16 Oct 2022 04:58:54 GMT
media.js
zdorovia.com.ua/templates/default3/js/
0
0
Script
General
Full URL
http://zdorovia.com.ua/templates/default3/js/media.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
functions.js
zdorovia.com.ua/engine/includes/js/
13 KB
13 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/functions.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-32f0"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
Expires
Sun, 16 Oct 2022 04:58:54 GMT
ajax.js
zdorovia.com.ua/engine/includes/js/
7 KB
8 KB
Script
General
Full URL
http://zdorovia.com.ua/engine/includes/js/ajax.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-1d7d"
Content-Type
application/javascript
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7549
Expires
Sun, 16 Oct 2022 04:58:54 GMT
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-14T02:14:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Sat, 10 Sep 2022 01:32:09 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc13
date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-16T04:50:00+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Fri, 09 Sep 2022 06:21:50 GMT
loading.gif
zdorovia.com.ua/templates/default3/images/
2 KB
2 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/loading.gif
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-6f7"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1783
Expires
Sun, 16 Oct 2022 04:58:54 GMT
01-1280x7201.jpg
zdorovia.com.ua/uploads/dsn/9a/e0/001/
36 KB
37 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/9a/e0/001/01-1280x7201.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e6cf4df949bf6e7f5ef1a61c546be3c50e7eb119e8620b8206ab395a29058351

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 13 Sep 2022 09:49:07 GMT
Server
nginx/1.12.1
ETag
"63205213-91ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37356
Expires
Sun, 16 Oct 2022 04:58:54 GMT
viiu.jpg
zdorovia.com.ua/uploads/dsn/f9/d3/001/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f9/d3/001/viiu.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5c7e303d5f97a09c14f0dc8aa18b7da57685b0b93d818914259eacc4794386b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Mon, 12 Sep 2022 14:34:35 GMT
Server
nginx/1.12.1
ETag
"631f437b-37cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14285
Expires
Sun, 16 Oct 2022 04:58:54 GMT
892238_11.jpeg
zdorovia.com.ua/uploads/dsn/74/66/003/
20 KB
21 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/74/66/003/892238_11.jpeg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b04b0986785f2ae14f7860ba163708c892a8ef27074ce84dbe0f2fa9af1852b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 11 Sep 2022 18:58:12 GMT
Server
nginx/1.12.1
ETag
"631e2fc4-516b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20843
Expires
Sun, 16 Oct 2022 04:58:54 GMT
aux-head-1565343326-20190809_abletki_t1.jpg
zdorovia.com.ua/uploads/dsn/30/60/026/
13 KB
13 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/30/60/026/aux-head-1565343326-20190809_abletki_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
46ccfecc58742c93070c0a1cba02a1668df9a61c6d80f33f6d29c8d694cbd0bf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Fri, 09 Sep 2022 09:22:31 GMT
Server
nginx/1.12.1
ETag
"631b05d7-328b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12939
Expires
Sun, 16 Oct 2022 04:58:54 GMT
zhkvm.jpg
zdorovia.com.ua/uploads/dsn/28/92/002/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/28/92/002/zhkvm.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1e178b3f69e5657653742ecb5fb9755753307d57f18f7b266db6b0ccdfe5d2b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Fri, 09 Sep 2022 10:54:19 GMT
Server
nginx/1.12.1
ETag
"631b1b5b-4f74"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20340
Expires
Sun, 16 Oct 2022 04:58:54 GMT
97c0c2a-napoi1.jpg
zdorovia.com.ua/uploads/dsn/6b/b8/001/
18 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/6b/b8/001/97c0c2a-napoi1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
47051ffe4c3e03cfe03e502825187de88bfb6cd710407cd3de40d2466c922351

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Wed, 07 Sep 2022 10:33:00 GMT
Server
nginx/1.12.1
ETag
"6318735c-47f7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18423
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ai-217504-aux-head-20160809_produkty-t1.jpg
zdorovia.com.ua/uploads/dsn/ad/9e/002/
28 KB
29 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/ad/9e/002/ai-217504-aux-head-20160809_produkty-t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 05 Sep 2022 18:27:47 GMT
Server
nginx/1.12.1
ETag
"63163fa3-70ca"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28874
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ucsuic.jpg
zdorovia.com.ua/uploads/dsn/63/9d/001/
16 KB
16 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/63/9d/001/ucsuic.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Mon, 29 Aug 2022 05:56:43 GMT
Server
nginx/1.12.1
ETag
"630c551b-3fa7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16295
Expires
Sun, 16 Oct 2022 04:58:54 GMT
ulzhcis.jpg
zdorovia.com.ua/uploads/dsn/ea/cb/001/
25 KB
25 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/ea/cb/001/ulzhcis.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Fri, 12 Aug 2022 13:25:59 GMT
Server
nginx/1.12.1
ETag
"62f654e7-638d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25485
Expires
Sun, 16 Oct 2022 04:58:54 GMT
zhuliasi.jpg
zdorovia.com.ua/uploads/dsn/42/c5/001/
12 KB
13 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/42/c5/001/zhuliasi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Mon, 06 Jun 2022 10:12:41 GMT
Server
nginx/1.12.1
ETag
"629dd319-31cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12749
Expires
Sun, 16 Oct 2022 04:58:54 GMT
madrid.jpg
zdorovia.com.ua/uploads/dsn/e4/09/003/
29 KB
29 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/e4/09/003/madrid.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 27 Feb 2022 11:06:17 GMT
Server
nginx/1.12.1
ETag
"621b5b29-7236"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29238
Expires
Sun, 16 Oct 2022 04:58:54 GMT
ivzhao.jpg
zdorovia.com.ua/uploads/dsn/d0/d9/001/
30 KB
30 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d0/d9/001/ivzhao.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sat, 26 Feb 2022 13:02:08 GMT
Server
nginx/1.12.1
ETag
"621a24d0-77ae"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30638
Expires
Sun, 16 Oct 2022 04:58:54 GMT
ziimaa.jpg
zdorovia.com.ua/uploads/dsn/27/b1/001/
24 KB
24 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/27/b1/001/ziimaa.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Mon, 10 Jan 2022 11:53:19 GMT
Server
nginx/1.12.1
ETag
"61dc1e2f-5fd2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24530
Expires
Sun, 16 Oct 2022 04:58:54 GMT
poomadi.jpg
zdorovia.com.ua/uploads/dsn/98/11/003/
13 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/98/11/003/poomadi.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Sun, 10 Oct 2021 16:18:32 GMT
Server
nginx/1.12.1
ETag
"61631258-3506"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13574
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ukra.jpg
zdorovia.com.ua/uploads/dsn/d3/8d/001/
22 KB
22 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/d3/8d/001/ukra.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Wed, 29 Sep 2021 06:17:59 GMT
Server
nginx/1.12.1
ETag
"61540517-560c"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22028
Expires
Sun, 16 Oct 2022 04:58:54 GMT
kor.jpg
zdorovia.com.ua/uploads/dsn/3b/80/005/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/3b/80/005/kor.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Wed, 08 Sep 2021 08:44:53 GMT
Server
nginx/1.12.1
ETag
"61387805-4f89"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20361
Expires
Sun, 16 Oct 2022 04:58:55 GMT
doglyad.jpg
zdorovia.com.ua/uploads/dsn/dd/14/018/
18 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/dd/14/018/doglyad.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Fri, 29 Jan 2021 10:09:42 GMT
Server
nginx/1.12.1
ETag
"6013dee6-4655"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18005
Expires
Sun, 16 Oct 2022 04:58:55 GMT
b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
zdorovia.com.ua/uploads/dsn/41/69/002/
15 KB
15 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/41/69/002/b03af6c2bdab3173da68203c5fe1f71c8cdd899b1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 18 Apr 2022 19:59:33 GMT
Server
nginx/1.12.1
ETag
"625dc325-3b39"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15161
Expires
Sun, 16 Oct 2022 04:58:55 GMT
8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
zdorovia.com.ua/uploads/dsn/09/11/001/
12 KB
12 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/09/11/001/8a8e43085b0550d25e3865ac22b6dd60fe8e54dd1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 11 Apr 2022 21:30:23 GMT
Server
nginx/1.12.1
ETag
"62549def-2ea4"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11940
Expires
Sun, 16 Oct 2022 04:58:55 GMT
back-pain-main-640x3601.jpg
zdorovia.com.ua/uploads/dsn/6a/ee/001/
12 KB
13 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/6a/ee/001/back-pain-main-640x3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 04 Aug 2022 08:37:07 GMT
Server
nginx/1.12.1
ETag
"62eb8533-3163"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12643
Expires
Sun, 16 Oct 2022 04:58:55 GMT
c99af04251d77ccba2694c784f28943e111ba0702.jpg
zdorovia.com.ua/uploads/dsn/f2/b9/003/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/f2/b9/003/c99af04251d77ccba2694c784f28943e111ba0702.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 07 Apr 2022 18:23:42 GMT
Server
nginx/1.12.1
ETag
"624f2c2e-369f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13983
Expires
Sun, 16 Oct 2022 04:58:55 GMT
aux-head-1527057397-20180523_zawtrak_t1.jpg
zdorovia.com.ua/uploads/dsn/7b/db/001/
116 KB
116 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/7b/db/001/aux-head-1527057397-20180523_zawtrak_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
5823febbfb1fc1db57624117ab49aadef78f2a3408c7c673b6d6f8d564b130de

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Sun, 21 Aug 2022 20:27:12 GMT
Server
nginx/1.12.1
ETag
"63029520-1cead"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
118445
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ai-234435-aux-head-20161215_produkty_t1.jpg
zdorovia.com.ua/uploads/dsn/29/38/002/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/29/38/002/ai-234435-aux-head-20161215_produkty_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d00a7d747022d19e7c8b897b1bef97aaddccbfeb9e475437566dabf7266e2777

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 29 Aug 2022 21:02:20 GMT
Server
nginx/1.12.1
ETag
"630d295c-66b0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26288
Expires
Sun, 16 Oct 2022 04:58:55 GMT
390162_3.jpg
zdorovia.com.ua/uploads/dsn/1a/ec/001/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/1a/ec/001/390162_3.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
405a2822f13160db99af498e688b4e7d8058f90306e5129d84c978c0677ff370

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 29 Aug 2022 09:50:26 GMT
Server
nginx/1.12.1
ETag
"630c8be2-6728"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26408
Expires
Sun, 16 Oct 2022 04:58:55 GMT
image1-221.jpg
zdorovia.com.ua/uploads/dsn/c5/8a/001/
30 KB
30 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/c5/8a/001/image1-221.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a68e2a2bb043653c66e8f3dec7f3c30f972639ba2c1abc6e869cb8ba894cace9

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 22 Aug 2022 11:40:01 GMT
Server
nginx/1.12.1
ETag
"63036b11-7776"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30582
Expires
Sun, 16 Oct 2022 04:58:55 GMT
aux-head-1642957847-20220123_produkty_3601.jpg
zdorovia.com.ua/uploads/dsn/70/03/004/
34 KB
34 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/70/03/004/aux-head-1642957847-20220123_produkty_3601.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
404085f85e16d1d29624a0a8a84807e2454ac31beb47384788cb13e0583a0c8e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Sat, 27 Aug 2022 19:52:41 GMT
Server
nginx/1.12.1
ETag
"630a7609-8783"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34691
Expires
Sun, 16 Oct 2022 04:58:55 GMT
otmk.jpg
zdorovia.com.ua/uploads/dsn/4a/66/001/
14 KB
14 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/4a/66/001/otmk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1665ea0ad2d2df1a1d3645ddd26661780090b4313190fc547ca8a7a11de508cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 15 Sep 2022 15:02:43 GMT
Server
nginx/1.12.1
ETag
"63233e93-378a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14218
Expires
Sun, 16 Oct 2022 04:58:55 GMT
tkmd.jpg
zdorovia.com.ua/uploads/dsn/cc/98/002/
28 KB
28 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/cc/98/002/tkmd.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
cffc422f5c01321479a6008888cd84091a509e800b3dd51e26694682bfa2258d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 15 Sep 2022 14:58:20 GMT
Server
nginx/1.12.1
ETag
"63233d8c-6f82"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28546
Expires
Sun, 16 Oct 2022 04:58:55 GMT
zhkli.jpg
zdorovia.com.ua/uploads/dsn/9a/86/002/
19 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/9a/86/002/zhkli.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
6507596ed5e5ad92709bfa0996097b9f0acd5876398e39e0f760acd7612c9ceb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 15 Sep 2022 14:52:35 GMT
Server
nginx/1.12.1
ETag
"63233c33-4dd1"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19921
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ukik.jpg
zdorovia.com.ua/uploads/dsn/7a/40/001/
19 KB
19 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/7a/40/001/ukik.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
ff20ac3a2bc1b99c0fbfbf4ba1ef93c891607717ea6945eccd68c1e345d6ca3f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Thu, 15 Sep 2022 14:43:09 GMT
Server
nginx/1.12.1
ETag
"632339fd-4c99"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19609
Expires
Sun, 16 Oct 2022 04:58:55 GMT
bol-v-serdtse1.jpg
zdorovia.com.ua/uploads/dsn/8b/04/001/
18 KB
18 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/8b/04/001/bol-v-serdtse1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
903e2ce39dd52ff75b8f25843ce23539a8acf0c8fc8e0c1700ba8d076ee3f309

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 05 Sep 2022 19:09:39 GMT
Server
nginx/1.12.1
ETag
"63164973-4631"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17969
Expires
Sun, 16 Oct 2022 04:58:55 GMT
aux-head-1503691249-20170825_piwo_t1.jpg
zdorovia.com.ua/uploads/dsn/bd/32/002/
107 KB
107 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/bd/32/002/aux-head-1503691249-20170825_piwo_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a3b6d73415dcb0f058b071d91a2b24652c9d882ad504b750e78643d9cfdd08ba

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 05 Sep 2022 18:17:31 GMT
Server
nginx/1.12.1
ETag
"63163d3b-1aa29"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109097
Expires
Sun, 16 Oct 2022 04:58:55 GMT
ai-189910-aux-head-20160405_happy_t1.jpg
zdorovia.com.ua/uploads/dsn/4a/0c/002/
20 KB
20 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/dsn/4a/0c/002/ai-189910-aux-head-20160405_happy_t1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b784ff8bf29e600d8e33ffe73e8007e9a568e593898f31ffc6428b7891dea555

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Mon, 05 Sep 2022 18:25:43 GMT
Server
nginx/1.12.1
ETag
"63163f27-4ee0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20192
Expires
Sun, 16 Oct 2022 04:58:55 GMT
style.css
zdorovia.com.ua/engine/plugins/diseases/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/diseases/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-121b"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4635
Expires
Sun, 16 Oct 2022 04:58:54 GMT
style.css
zdorovia.com.ua/engine/plugins/medicines/style/
5 KB
5 KB
Stylesheet
General
Full URL
http://zdorovia.com.ua/engine/plugins/medicines/style/style.css
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-135c"
Content-Type
text/css
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4956
Expires
Sun, 16 Oct 2022 04:58:54 GMT
4630_1.jpg
zdorovia.com.ua/uploads/images/default/
30 KB
31 KB
Image
General
Full URL
http://zdorovia.com.ua/uploads/images/default/4630_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-78ec"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30956
Expires
Sun, 16 Oct 2022 04:58:55 GMT
7849_vk.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/7849_vk.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:38 GMT
Server
nginx/1.12.1
ETag
"54962732-3463"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13411
Expires
Sun, 16 Oct 2022 04:58:54 GMT
1540_fb.jpg
nashamama.com/uploads/images/default/
13 KB
13 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/1540_fb.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:30 GMT
Server
nginx/1.12.1
ETag
"5496272a-33c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13250
Expires
Sun, 16 Oct 2022 04:58:54 GMT
5194_tv.jpg
nashamama.com/uploads/images/default/
13 KB
14 KB
Image
General
Full URL
http://nashamama.com/uploads/images/default/5194_tv.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 21 Dec 2014 01:49:47 GMT
Server
nginx/1.12.1
ETag
"5496273b-359d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13725
Expires
Sun, 16 Oct 2022 04:58:54 GMT
3_1_3.png
i.i.ua/r/
2 KB
3 KB
Image
General
Full URL
http://i.i.ua/r/3_1_3.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.3.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
cloudflare
Age
263256
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
74b7079c2895e654-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2143
Expires
Wed, 13 Sep 2023 03:51:16 GMT
logo
counter.yadro.ru/
672 B
896 B
Image
General
Full URL
http://counter.yadro.ru/logo?57.1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
672
Expires
Sat, 16 Sep 2023 03:22:01 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/engine/plugins/bb_media/players/videojs/lib/plugins/youtube/youtube.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4233d382a13f75eca9f55dbce03b0cc519d92dc9f809cd39621f028071fdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 16 Sep 2022 04:58:54 GMT
vast.js
cdn.admixer.net/scripts3/r/
136 KB
37 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/r/vast.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ID
cec-up-gc13
Date
Fri, 16 Sep 2022 04:58:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2018 13:43:44 GMT
Server
nginx
ETag
W/"5a60a490-21e4b"
Vary
Accept-Encoding
X-Cached-Since
2022-09-07T11:47:09+00:00
Content-Type
application/javascript
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Fri, 08 Sep 2023 11:47:09 GMT
branding
a4p.adpartner.pro/
Redirect Chain
  • http://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
  • https://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
34d32d198ac914ad4a9d11d0a2269e8cc2c0c68a769585759078020987c4a6b4

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Date
Fri, 16 Sep 2022 04:58:54 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4573
date
Fri, 16 Sep 2022 03:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 16 Sep 2022 05:42:42 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u043...
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u04...
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u...
43 B
528 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.29403753216014983
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Sep 2021 03:22:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//zdorovia.com.ua/;h%u041D%u043E%u0432%u0438%u043D%u0438%20%u0437%u0434%u043E%u0440%u043E%u0432%27%u044F%2C%20%u043B%u0456%u043A%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u0437%u0434%u043E%u0440%u043E%u0432%u043E%u0433%u043E%20%u0445%u0430%u0440%u0447%u0443%u0432%u0430%u043D%u043D%u044F%20%u0442%u0430%20%u043E%u0447%u0438%u0449%u0435%u043D%u043D%u044F;0.29403753216014983
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 16 Sep 2021 03:22:01 GMT
s
r.i.ua/
43 B
852 B
Image
General
Full URL
http://r.i.ua/s?u152465&p0&n0.03615945576832602&c1&d24&w1600&h1200&rzdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:54 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
CF-RAY
74b7079c1b74e67c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires
0
/
zdorovia.com.ua/
88 KB
88 KB
Image
General
Full URL
http://zdorovia.com.ua/
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 / PHP/5.4.45-0+deb7u14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:54 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
text/html; charset=Windows-1251
cache-control
private
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header-searchform-button.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/header-searchform-button.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-ba5"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2981
Expires
Sun, 16 Oct 2022 04:58:54 GMT
logo-header.png
zdorovia.com.ua/templates/default3/images/
26 KB
26 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/images/logo-header.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-67ad"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26541
Expires
Sun, 16 Oct 2022 04:58:54 GMT
arrows.png
zdorovia.com.ua/templates/default3/img/
251 B
583 B
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/arrows.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:54 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-fb"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251
Expires
Sun, 16 Oct 2022 04:58:54 GMT
page.php
www.facebook.com/plugins/ Frame 82E6
15 KB
9 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43857243f02ef37095bb428d754c828940103d5658c5b23aacb83dc57e5a484c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 16 Sep 2022 04:58:54 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Bq42+WdGfOqujXMMHBQwRZV8/ACI4mO0injB8bFCPXMphaHlKWhypCO5/eXMtpR5o/UohUGmBYFzLdizWJnUig==
x-fb-rlafr
0
x-xss-protection
0
01.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16918126&s16916513&t1&c1&n825354&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/01.png
769 B
1 KB
Image
General
Full URL
http://i.bigmir.net/cnt/01.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-301"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
769
Expires
Mon, 19 Sep 2022 04:58:55 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/01.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
link-arrow.png
zdorovia.com.ua/templates/default3/img/
3 KB
3 KB
Image
General
Full URL
http://zdorovia.com.ua/templates/default3/img/link-arrow.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
Protocol
HTTP/1.1
Server
91.210.190.92 , Ukraine, ASN48440 (AS-EKVIA, UA),
Reverse DNS
internetmedia.ua
Software
nginx/1.12.1 /
Resource Hash
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/templates/default3/css/core-mama.css?nc=6758493
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Last-Modified
Tue, 14 Aug 2018 13:59:39 GMT
Server
nginx/1.12.1
ETag
"5b72e04b-bcd"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3021
Expires
Sun, 16 Oct 2022 04:58:55 GMT
c.html
cdn.admixer.net/scripts3/49044/ Frame 8FA4
738 B
519 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:54 GMT
etag
W/"63049f42-2e2"
expires
Thu, 07 Sep 2023 20:35:12 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-06T20:35:12+00:00
x-id
cec-up-gc13
a21031c0f6a0994b3314.b.js
scripts.go2net.com.ua/scripts3/49044/
23 KB
9 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-09-13T12:54:32+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 06 Sep 2023 12:41:02 GMT
0a75d04ce9f53a1a35b6.b.js
scripts.go2net.com.ua/scripts3/49044/
75 KB
20 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-09-13T12:54:32+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 06 Sep 2023 12:41:02 GMT
c.html
cdn.admixer.net/scripts3/49044/ Frame AEF2
738 B
405 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:54 GMT
etag
W/"63049f42-2e2"
expires
Thu, 07 Sep 2023 20:35:12 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-06T20:35:12+00:00
x-id
cec-up-gc13
www-widgetapi.js
www.youtube.com/s/player/f6383696/www-widgetapi.vflset/
161 KB
53 KB
Script
General
Full URL
https://www.youtube.com/s/player/f6383696/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53518
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 00:18:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Sep 2023 04:07:28 GMT
dsp.aspx
ads.go2net.com.ua/
7 KB
2 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5910729289584735&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223de8e503-0921-0770-8d2c-29731ff3ab37%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2209b46336-245b-2864-5867-10ebd6816355%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
66225fc3e54aab2b7c667bf6b3a5021216eae81fcae74a75a63ab29b8256f326
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2059
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/
6 KB
2 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7226457088352463&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223ea651af-c47b-1d23-45f0-bd7e7bd1fff4%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%227df05087-98b9-eb3d-e0f5-300bd55ab55a%22%2C%22tagid%22%3A%222d179f8a-367f-49ed-9a1f-d77deb57f009%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2d179f8a367f49ed9a1fd77deb57f009_zone_2586_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2260ea4eaa-6b69-67bd-52fc-a4b2c04571f3%22%2C%22tagid%22%3A%22cdadfe55-ba49-47d5-9918-cc04aa357b98%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_cdadfe55ba4947d59918cc04aa357b98_zone_3636_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%220578df2f-f52e-ea60-5354-634678ae5dbd%22%2C%22tagid%22%3A%2293ae9d99-966b-415b-9964-9dc2489da01f%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_93ae9d99966b415b99649dc2489da01f_zone_6048_sect_360_site_360%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A3%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
1f1dc20da7f0030eb746dca482da9d752c7afcce6deacb22081d3d6fdb992322
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
1711
X-Xss-Protection
0
3UE6NR6B0iS.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ Frame 82E6
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/3UE6NR6B0iS.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZdoroviacomua%2F&tabs=timeline&width=300&height=600&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=348298842028226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c592df00f791d997e02e6d5b18e1b2dd8b3bea69e43fb29e8ececa28025f4195
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
M8RLT0FQ/Z2rbLuAHml8EQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4849
x-fb-rlafr
0
x-fb-debug
uEjPSyXqV0rP9GF04fTZ4dHmKh0cc6bKt5tnw9wSn7RRJLXBKSQCyTE4/mV2EtrbX9uVApnl4JPh6g2JP4aTfg==
x-fb-trip-id
720026100
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 15 Sep 2023 16:29:57 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=228570720&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=228570720&utmhn=zdorovia.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720&slf_rd=1&random=141833702
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720&slf_rd=1&random=141833702
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37123827-1&cid=821327299.1663304335&jid=1879263747&_v=5.7.2&z=228570720&slf_rd=1&random=141833702
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
scripts.go2net.com.ua/scripts3/49044/
28 KB
11 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/e1eee23f36481a69453f.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:01 GMT
server
nginx
etag
W/"63049f45-702f"
vary
Accept-Encoding
x-cached-since
2022-09-14T18:56:43+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Fri, 15 Sep 2023 18:56:43 GMT
fdabe098f34289659a17.b.js
scripts.go2net.com.ua/scripts3/49044/
42 KB
18 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/fdabe098f34289659a17.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:35:02 GMT
server
nginx
etag
W/"63049f46-a793"
vary
Accept-Encoding
x-cached-since
2022-09-15T21:45:57+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Sat, 16 Sep 2023 21:45:57 GMT
84011c43c3075e543c6d.b.js
scripts.go2net.com.ua/scripts3/49044/
13 KB
5 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/84011c43c3075e543c6d.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:54 GMT
server
nginx
etag
W/"63049f3e-326c"
vary
Accept-Encoding
x-cached-since
2022-09-13T12:58:11+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 06 Sep 2023 12:42:06 GMT
7103cce7fa6705169441.b.js
scripts.go2net.com.ua/scripts3/49044/
11 KB
4 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/7103cce7fa6705169441.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:52 GMT
server
nginx
etag
W/"63049f3c-2a79"
vary
Accept-Encoding
x-cached-since
2022-09-13T17:35:55+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Wed, 06 Sep 2023 16:56:43 GMT
5927ef40e4a80e0040be.b.js
scripts.go2net.com.ua/scripts3/49044/
215 KB
74 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/49044/5927ef40e4a80e0040be.b.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:51 GMT
server
nginx
etag
W/"63049f3b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-09-13T14:32:16+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31622400
cache
HIT
expires
Thu, 14 Sep 2023 14:32:16 GMT
ImgSync
image8.pubmatic.com/AdServer/
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
content-length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=533&code=03337a22247c447183df7f77147c217e
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D03337a22247c447183df7f77147c217e
43 B
844 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e50420ed-37ba-4efc-b631-3e770818aff9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c31e20d-5dd2-4b07-ab4c-7e86e456290d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D533%26code%3D03337a22247c447183df7f77147c217e
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admixer
  • https://creativecdn.com/cm-notify?pi=admixer&tc=1
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT, Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=admixer&tc=1
date
Fri, 16 Sep 2022 04:58:55 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
branding.min.js
a4p.adpartner.pro/apstc/
13 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame CE13
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 16 Sep 2022 04:58:55 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame 5C41
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=1214764331083829&apuid=0d336ee3-ed74-47bc-8876-905c246583d3&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/branding?id=1550&0.2421288073068555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
17fc86161d9b6ac5cd40ebe0b9a354751ee0a2a83d48f423bcab24cb25adcd52

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 04:58:55 GMT
server
nginx
sync.html
s.adtelligent.com/ Frame 8EE1
3 KB
2 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5910729289584735&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223de8e503-0921-0770-8d2c-29731ff3ab37%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2209b46336-245b-2864-5867-10ebd6816355%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f2f26c5ed9c941843c4488f476a90315117ca80a67a57d5c2e9d39de61ef9bf6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1276
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:54 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 7930
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5910729289584735&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223de8e503-0921-0770-8d2c-29731ff3ab37%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2209b46336-245b-2864-5867-10ebd6816355%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame 2076
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=5910729289584735&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223de8e503-0921-0770-8d2c-29731ff3ab37%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2209b46336-245b-2864-5867-10ebd6816355%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_ed2476d6dc6a46b4b1f91613392c7015_zone_13171_sect_3977_site_3547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22go2net%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
a84714edc59a71269e99b1606db770b5ee4c5839f6a11dd91bdd6bc1e6c02f09

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
Fri, 16 Sep 2022 04:58:55 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 16 Sep 2022 04:58:55 GMT
location
/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b29245f0-daff-5203-9cb5-4042ff9142cd
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b29245f0-daff-5203-9cb5-4042ff9142cd
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b29245f0-daff-5203-9cb5-4042ff9142cd
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZB7106CC00F543EB981CBFE02EE4FE7C&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZB7106CC00F543EB981CBFE02EE4FE7C&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=ZB7106CC00F543EB981CBFE02EE4FE7C&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
expires
-1
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=03337a22247c447183df7f77147c217e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=03337a22247c447183df7f77147c217e&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=admixer&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=admixer&&user_id=pxZ0qqEXfvi8QHD6qEBrqvMWIvu8F3P_9BZ7P0tu
  • https://inv-nets.admixer.net/bs/cm.aspx?id=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab&gdpr=&consent=&gdpr_pd=
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab&gdpr=&consent=&gdpr_pd=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab&gdpr=&consent=&gdpr_pd=
Date
Fri, 16 Sep 2022 04:58:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
0.gif
x01.aidata.io/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=03337a22247c447183df7f77147c217e
  • https://rtb.com.ru/sync?noRedirect=&sspKey=36&sspUserID=03337a22247c447183df7f77147c217e
  • https://test.rtb.com.ru/?https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6324028fa62fbd543480d237&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D632...
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=6324028fa62fbd543480d237&r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6324028fa62fbd543480d237%26d...
  • https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D6324028fa62fbd543480d237%26duid%3D%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D64...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=6324028fa62fbd543480d237&duid=&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=6324028fa62fbd543480d237&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg....
  • https://prodmp.ru/li?guid=A6B2DCFBAB7C5C8D7580&uid=6324028fa62fbd543480d237&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F%252Fdmg.di...
  • https://an.yandex.ru/mapuid/dmpmediadesk/6324028fa62fbd543480d237?sign=ac83efa5&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3Dhttps%253A%252F...
  • https://an.yandex.ru/mapuid/dmpmediadesk/6324028fa62fbd543480d237?redir-setuniq=1&sign=ac83efa5&location=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D6324028fa62fbd543480d237%26dest%3...
  • https://x01.aidata.io/0.gif?pid=6472613&id=6324028fa62fbd543480d237&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6324028fa62fbd543480d237%26i%3D8251799616152884530%26r%...
  • https://x01.aidata.io/0.gif?pid=6472613&id=6324028fa62fbd543480d237&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D6324028fa62fbd543480d237%26i%3D8251799616152884530%26r%...
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=8%2FILLxxITMzNTaqphaEqEw
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=8%2FILLxxITMzNTaqphaEqEw
  • https://tech.rtb.mts.ru/?dsp_uid=42a5ce4e-d564-45cf-8191-7b55002be835&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D8%252FILLxxITMzNTaqphaEqEw%26id%3D%7BUSER_ID%7D
  • https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=8%2FILLxxITMzNTaqphaEqEw&id=
  • https://x01.aidata.io/0.gif?pid=9503528&uid=42a5ce4e-d564-45cf-8191-7b55002be835&exu=8%!F(string=%20%20)ILLxxITMzNTaqphaEqEw
0
433 B
Image
General
Full URL
https://x01.aidata.io/0.gif?pid=9503528&uid=42a5ce4e-d564-45cf-8191-7b55002be835&exu=8%!F(string=%20%20)ILLxxITMzNTaqphaEqEw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51804.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:59 GMT
last-modified
Fri, 16 Sep 2022 04:58:58 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Fri, 16 Sep 2022 04:58:58 GMT

Redirect headers

Date
Fri, 16 Sep 2022 04:58:59 GMT
Server
nginx
Access-Control-Allow-Origin
*
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Location
https://x01.aidata.io/0.gif?pid=9503528&uid=42a5ce4e-d564-45cf-8191-7b55002be835&exu=8%!F(string= )ILLxxITMzNTaqphaEqEw
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://sync.lemmatechnologies.com/setuid?publisher=144&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5EB91493-F210-4EA3-B3C6-1AE3BD948878%26id%3D03337a22247c...
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=447817a9-357c-11ed-9c9a-801844df0ab8
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b15d8276-1ccc-41d0-b053-b1bc5140311c&user_group=1&ssp=lemma&bsw_param=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://x.bidswitch.net/sync?ssp=lemma&user_id=447817a9-357c-11ed-9c9a-801844df0ab8
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=lemma&bsw_custom_parameter=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=lemma&expires=10&bsw_param=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://sync.lemmatechnologies.com/setuid?bidder=bidswitch&uid=e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=03337a22247c447183df7f77147c217e447817a9-357c-11ed-9c9a-801844df0ab8
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=03337a22247c447183df7f77147c217e447817a9-357c-11ed-9c9a-801844df0ab8
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
vary
Origin
content-type
text/html; charset=utf-8
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5EB91493-F210-4EA3-B3C6-1AE3BD948878&id=03337a22247c447183df7f77147c217e447817a9-357c-11ed-9c9a-801844df0ab8
cache-control
no-cache, no-store, must-revalidate
content-length
179
expires
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D5BDCF84A-C9CB-4519-8A23-C01743D4AC38%26id%3D%7Buser_id%7D
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=fa1cf96d-c1be-40d4-8920-8069ad084f22
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=fa1cf96d-c1be-40d4-8920-8069ad084f22
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5BDCF84A-C9CB-4519-8A23-C01743D4AC38&id=fa1cf96d-c1be-40d4-8920-8069ad084f22
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store no-transform
server
nginx
content-length
190
content-type
text/html; charset=utf-8
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
content-length
0
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58613/occ
  • https://ups.analytics.yahoo.com/ups/58613/occ?verify=true
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-kzFYp8VE2uGWy2E_9mZbgREwgQaW3yz7LeVHTKM-~A
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-kzFYp8VE2uGWy2E_9mZbgREwgQaW3yz7LeVHTKM-~A
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=C08DEACC-8D75-434A-AEB2-F33238E285A8&id=y-kzFYp8VE2uGWy2E_9mZbgREwgQaW3yz7LeVHTKM-~A
date
Fri, 16 Sep 2022 04:58:55 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatchredir
r.casalemedia.com/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
  • https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
43 B
828 B
Image
General
Full URL
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a3bd43dca3-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YF3OxG39S2gl9kz1P%2FUPqFITivPjIlcVgsJVk3zz8bobVMPXeMFe2fnjs%2FZHFYGUrUpl5%2F5sEYMcJMWfSoCVwoRXXso96Ld5J2P6C0bpv41srlD%2Fyb0KprjWmYAUuAi0TL2"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apgoZmn%2FkZ6Z5jaITeyy0Y1G7Ids2raVrGimmySlZh4CojhAzxmVWjaBNNclSUG7qP3d743ntBS6iEPpTzmmqcC90V6B2%2BiyIEGhyRcLXUWZgKhbvle%2FO0w%2F64KihITBebObIWu1kt0zRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
content-type
text/html; charset=iso-8859-1
cache-control
no-cache
cf-ray
74b707a278e4776b-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
pixel
ap.lijit.com/
0
282 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 04:58:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
1px-matching-go2net.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
sync.html
s.console.adtarget.com.tr/
63 B
63 B
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.70 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=03337a22247c447183df7f77147c217e
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=03337a22247c447183df7f77147c217e
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
159.69.141.123 Georgsmarienhuette, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.123.141.69.159.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:52 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=03337a22247c447183df7f77147c217e
date
Fri, 16 Sep 2022 04:58:55 GMT
server
nginx
etag
W/"5caf5b20b3d18a070af42e4338ff4e4161db0945a068c8f47e988ea1dcd98c54"
content-length
122
serverid
TODO
content-type
text/html; charset=utf-8
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=03337a22247c447183df7f77147c217e&redir=[RED]
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
idsync
idsync.admixer.co.kr/
43 B
904 B
Image
General
Full URL
https://idsync.admixer.co.kr:4450/idsync?pid=103&uid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16-Sep-2022 13:58:56 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
sync
t.adx.opera.com/
35 B
462 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 5C41
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=1214764331083829&apuid=0d336ee3-ed74-47bc-8876-905c246583d3&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7015
date
Fri, 16 Sep 2022 03:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 16 Sep 2022 05:02:00 GMT
branding
a4p.adpartner.pro/ Frame 5C41
1 KB
881 B
XHR
General
Full URL
https://a4p.adpartner.pro/branding?id=1550&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=1214764331083829&apuid=0d336ee3-ed74-47bc-8876-905c246583d3&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e5e774e19cd95c72e83aea77ba01b779a4c64b9aa6832759f6f0ee1aceba605a

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=1550&bannerNum=1214764331083829&apuid=0d336ee3-ed74-47bc-8876-905c246583d3&session_pageview=1&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
loader2.js
scripts.go2net.com.ua/scripts3/ Frame 3C8E
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-14T02:14:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Sat, 10 Sep 2022 01:32:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 7AB4
168 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbae8351af52c4be1945495f4b3944c14907afbaced43e993c6863e55b6d88e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58020
x-xss-protection
0
server
cafe
etag
7989594823853335912
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B8F1
168 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0acaf89e5c6adedd841ca5d237d1932a3fc5f6bd172997bb2e7ddb7cb83b33ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58017
x-xss-protection
0
server
cafe
etag
18099371915539484101
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
media
a4p.adpartner.pro/ Frame B85F
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=4&zone=93AE9D99-966B-415B-9964-9DC2489DA01F&rule=F3EF79B2-6D00-49A9-BD57-2DD742B532C5&requestId=8b5fd468-a0d7-4361-b904-6fbdaca2aeb9&hp=1048539382&page=zdorovia.com.ua%2F&pvid=2a2a3b85-1982-4705-a405-502de09d4f9b&inst=ADS-EU-7&ts=637989011351174159&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=4&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=a1d8460f-6e1c-444c-968a-1de34e62c566&hp=1048539382&page=zdorovia.com.ua%2F&pvid=2a2a3b85-1982-4705-a405-502de09d4f9b&inst=ADS-EU-7&ts=637989011351174159&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=4&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=8c21cda4-6925-425f-abea-7a3eade18973&hp=1048539382&page=zdorovia.com.ua%2F&pvid=2a2a3b85-1982-4705-a405-502de09d4f9b&inst=ADS-EU-7&ts=637989011351174159&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=ea023a39-8cfa-4105-ac1f-68b838eae8ff&hp=1048539382&page=zdorovia.com.ua%2F&pvid=14fca020-578b-4c9b-b4e1-b9895e31474f&inst=ADS-EU-7&ts=637989011351893006&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 071C
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119677
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 14:13:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5CCB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 5698
1 KB
1004 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.70 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 94C5
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
418ff10ba88805a6ae6386a418ad4c5a5bd6a75159624263c8fbfb117641bd36

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
Fri, 16 Sep 2022 04:58:55 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
d
ic.tynt.com/r/ Frame 969F
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame BB9B
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=fd785e3b-bc6f-4be1-93d0-097caab5bc15
0
404 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=fd785e3b-bc6f-4be1-93d0-097caab5bc15
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 16 Sep 2022 04:58:55 GMT
Etag
a9d49749090e138a
Server
Adtelligent

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74b707a15c58547b-LHR
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=fd785e3b-bc6f-4be1-93d0-097caab5bc15
server
cloudflare
sync.html
s.adtelligent.com/ Frame 4468
1 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2005152939204637518
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2005152939204637518
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
34fc7b07-cdf4-4f55-b3ec-c606119d361f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=dba56ad9-e36e-4d43-8aa8-386b18c3abb6
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=dba56ad9-e36e-4d43-8aa8-386b18c3abb6
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=dba56ad9-e36e-4d43-8aa8-386b18c3abb6
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
17dvatpek7un1qhbs6h6hptr4fk86dbi
pixel
ap.lijit.com/ Frame 8EE1
0
282 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 04:58:55 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=20592c7d-2baa-40f9-9551-7be52e5405ac
0
404 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=20592c7d-2baa-40f9-9551-7be52e5405ac
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=20592c7d-2baa-40f9-9551-7be52e5405ac
date
Fri, 16 Sep 2022 04:58:55 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
vid.vidoomy.com/ Frame 8EE1
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

generic
match.adsrvr.org/track/cmf/ Frame 8EE1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1663304335616
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1010568365
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1010568365
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
RX3655a1a179f9470d9482f6412bba2c43003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1010568365
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2005152939204637518
0
387 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2005152939204637518
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5313f034-9e75-45d4-b960-9fc4dec8abca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 8EE1
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
0
400 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
ptag
a.audrte.com/ Frame 2076
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a298cac182b7f177f87aa8db4bebd5e51eef11fa67195c85a895231fc9dbf7f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams03.e-planning.net/ Frame 2076
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9d12aa55d264e60e%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
42 B
104 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
938a9a9c-244f-4522-a3c3-43a698cb77c0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 2076
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9d12aa55d264e60e%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
0
0
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 2076
478 B
515 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 15 Sep 2027 04:58:54 GMT
usync.html
eus.rubiconproject.com/ Frame 6CE2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 70E6
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58588f20a0fb92857d94c3943a7f9e961a74e1ac6a94210626fd51778dffd830

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b707a27aaadc41-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkuYihFYjo1xMQkj40cYhDACR6wK%2FuHQcRvHRkdyar0m0O04d9ro%2BxosWdNyTsLaJL4HfS1KptgDEqV26PH4JEiawUMRq513bWYT4S7B43wGwGgjiDmDBAgQTadynh36%2Fwp2cWLu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b707a1bf340696-LHR
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS1aAluMxqlxm8t1FH6ij%2FDwrKrk6LlsdRFsnWzyXl4gD8SUWiMvCuAlBWJmGTBodgbHeGB2Zi%2F%2FpVmrdVql%2ByefL%2BSDESYOHB%2B%2Bt9Nc0wLwre4ysbIzzOl9ks71%2FhH%2Bx0RfpZAp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 3D92
1 KB
1002 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
26db01c270fd38f5fd21a0ec1b09f541
x-cf-tsc
1653097306
x-cf1
29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame DA4E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4F39
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9829cc6c3a731f57b8918238d01a78755692597fb5ed361ad2f0bb940ed07c7d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
74b707a18f3e770d-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
c.html
cdn.admixer.net/scripts3/49044/ Frame 8C44
738 B
428 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
W/"63049f42-2e2"
expires
Thu, 07 Sep 2023 20:35:12 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-06T20:35:12+00:00
x-id
cec-up-gc13
loader2.js
scripts.go2net.com.ua/scripts3/
176 KB
55 KB
Script
General
Full URL
https://scripts.go2net.com.ua/scripts3/loader2.js
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Fri, 16 Sep 2022 04:58:55 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-09-14T02:14:22+00:00
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
cache
HIT
expires
Sat, 10 Sep 2022 01:32:09 GMT
dsp.aspx
ads.go2net.com.ua/
6 KB
2 KB
Script
General
Full URL
https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9407330703381296&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2254922ab9-c3cc-9aea-9aed-961b35303e1d%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221f4f914d-2a4a-fa00-9fb3-65559acf9e5e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
0b6e8155e38245f3151d298422f8f0a9e01a4eaab240e76bfb35f94c469306b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2037
X-Xss-Protection
0
ptag
a.audrte.com/ Frame 94C5
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a298cac182b7f177f87aa8db4bebd5e51eef11fa67195c85a895231fc9dbf7f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams03.e-planning.net/ Frame 94C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D9d12aa55d264e60e%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
01a378f3-1e05-45ab-9b68-b8c3d168a683
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=9d12aa55d264e60e&uid=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 94C5
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D9d12aa55d264e60e%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
0
0
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame 94C5
478 B
514 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:54 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 15 Sep 2027 04:58:54 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E5B4
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119677
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 14:13:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FFC4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame A748
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 4468
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 7ED2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf8ff73963d364db8fc8f0e3384ec970be711ed05b0366ae83ea4f92530f3b6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b707a27aabdc41-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxEnan%2F1xFXt296Iy9w9DC1D2%2FmRyIJEQTpI0j9t2dSXAO4MZ6jDWfx54wxu0WYppGQc6cv4ZGzCM%2FkRcv00NJxWDHTLKvfJsJImXfT9VYcylz1yZr4ig9PfmagWIVzZcKnLBfup"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b707a1bf350696-LHR
content-length
0
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0obO0gpE%2B%2FuLWJAYHzt07HVXhOlCiLnIUIq1iAa0akc6RCvSNPbNqNyWsFSE5jH5%2Bjpigem9VDOm%2BHErDVM31lsNPo28u6AzOiPeLDgbdHTyKRlAhXWz4%2BvDeZH1Bl1U0q3u%2BSG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 4B65
1 KB
1002 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
1b0848b62f359a5c8485cb4d092798c7
x-cf-tsc
1653097306
x-cf1
29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 8FCA
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 49C5
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac2d50f6f398d7674b6a5ba99576d0526e743a251e62571ac304e3cb2b9a777

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
74b707a18f42770d-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
background_empty.jpg
file.adpartner.pro/2297/2297845/
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 352F
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:55 GMT
expires
0
pragma
no-cache
server
nginx
c.html
cdn.admixer.net/scripts3/49044/ Frame DDBD
738 B
405 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:55 GMT
etag
W/"63049f42-2e2"
expires
Thu, 07 Sep 2023 20:35:12 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-09-06T20:35:12+00:00
x-id
cec-up-gc13
PugMaster
image6.pubmatic.com/AdServer/ Frame 071C
0
39 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36339310&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:54 GMT
content-length
0
getuid
ib.adnxs.com/ Frame 49C5
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 49C5
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a409e0770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 49C5
0
331 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 49C5
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 49C5
0
161 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1663304336.804540,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4265-LON
u
dmp.v.fwmrm.net/ad/ Frame 49C5
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 49C5
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a47a3c770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a409e2770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v040-060f72962.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
8SaOPiTCS6g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 49C5
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=e8d8fc41-c8ef-4b97-772d-4828258455d1&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-90602-0.931982001663343701-7f3d78b705e588af0581511566eb91e1&zdid=533&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-90602-0.931982001663343701-7f3d78b705e588af0581511566eb91e1&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a51abe770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-90602-0.931982001663343701-7f3d78b705e588af0581511566eb91e1&zdid=533&env=mWeb
Date
Fri, 16 Sep 2022 15:55:01 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7143837726424168594&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7143837726424168594&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a70c86770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7143837726424168594&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 49C5
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=e8d8fc41-c8ef-4b97-772d-4828258455d1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e8d8fc41-c8ef-4b97-772d-4828258455d1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=e8d8fc41-c8ef-4b97-772d-4828258455d1&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a58b1c770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
last-modified
Fri, 16 Sep 2022 04:58:56 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 49C5
0
220 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=e8d8fc41-c8ef-4b97-772d-4828258455d1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=e8d8fc41-c8ef-4b97-772d-4828258455d1?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a62bce770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.27.85
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a70c7d770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC2O9CAs%2BQPA4M2T21YZvZz1%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC2O9CAs%2BQPA4M2T21YZvZz1%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a62bcf770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=X6RJdMCsSC2O9CAs%2BQPA4M2T21YZvZz1%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 49C5
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 49C5
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1663304336
x-served-by
beacon-n011-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 49C5
95 B
361 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 49C5
0
60 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663304336.161995,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4033-HHN
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=22b86324-0290-4b00-8a57-7eda1042df23&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83c...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=22b86324-0290-4b00-8a57-7eda1042df23&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a70c83770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=22b86324-0290-4b00-8a57-7eda1042df23&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 16 Sep 2022 04:58:55 GMT
usermatch.gif
beacon.krxd.net/ Frame 49C5
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582f...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1663304336
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
date
Fri, 16 Sep 2022 04:58:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 49C5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
YM082VFPAB108FADYKMY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
PW2M3FZ2GEW6SJM4YYXR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=e8d8fc41-c8ef-4b97-772d-4828258455d1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 49C5
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=e8d8fc41-c8ef-4b97-772d-4828258455d1&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 49C5
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
95 B
202 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a7fd5e770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
date
Fri, 16 Sep 2022 04:58:56 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 49C5
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=e8d8fc41-c8ef-4b97-772d-4828258455d1&pt=d[&gdpr=1&gdpr_consent=]
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cmp.min.js
spl.zeotap.com/ Frame 49C5
557 B
468 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfdf00749956f6260789dc87aede295ef64a8e14af848adaedb4c1f48212c04e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a22806770d-LHR
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
getuid
ib.adnxs.com/ Frame 4F39
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame 4F39
170 B
502 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4...
95 B
186 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a409e1770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2cdf6395-8343-40e3-96d9-c143e5528f76&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 4F39
0
330 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4F39
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 4F39
0
55 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 varnish
server
nginx
x-timer
S1663304336.804536,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-lon4265-LON
u
dmp.v.fwmrm.net/ad/ Frame 4F39
0
411 B
Image
General
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4F39
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a47a3b770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=21a55135-f08b-4151-a38b-9ac08c56e507&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a44a16770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v040-0e0f7908c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XPWNKY87Tro=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=82201803727327235312509221272066846950&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 4F39
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-32349-0.928747001663343701-289c4617a65cd3ae0b8d9e835472f018&zdid=533&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-32349-0.928747001663343701-289c4617a65cd3ae0b8d9e835472f018&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a52acd770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022091617-32349-0.928747001663343701-289c4617a65cd3ae0b8d9e835472f018&zdid=533&env=mWeb
Date
Fri, 16 Sep 2022 15:55:01 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7143837726416631963&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7143837726416631963&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a4aa5d770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7143837726416631963&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame 4F39
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a58b21770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
last-modified
Fri, 16 Sep 2022 04:58:56 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=mI/cuCnc.hcM9z.KfnnCuu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 4F39
0
85 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a62bcc770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.11.224
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a70c7c770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-nzaJ0c9E2or7ffJPcP1Fv3cRXyBoZ6AESw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYqO9CAs%2BQPA4A%2BTdiIz8ijO%2BS41iYitP1U%3D
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYqO9CAs%2BQPA4A%2BTdiIz8ijO%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a62bd0770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=lwS6x6TnrYqO9CAs%2BQPA4A%2BTdiIz8ijO%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 4F39
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 4F39
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1663304336
x-served-by
beacon-n018-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4F39
95 B
360 B
Image
General
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame 4F39
0
59 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663304336.162129,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4033-HHN
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=d3d56324-0290-4600-8487-1b8e07595191&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f1918...
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=d3d56324-0290-4600-8487-1b8e07595191&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a70c7b770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=d3d56324-0290-4600-8487-1b8e07595191&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 16 Sep 2022 04:58:55 GMT
usermatch.gif
beacon.krxd.net/ Frame 4F39
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a8...
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
52.215.16.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-16-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1663304336
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
date
Fri, 16 Sep 2022 04:58:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4F39
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
XA7NV37K5PGA72ZX1A89
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
EZFARYGN1CN16BYK47YP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 4F39
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 4F39
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a7fd5d770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
date
Fri, 16 Sep 2022 04:58:56 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 4F39
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&pt=d[&gdpr=1&gdpr_consent=]
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cmp.min.js
spl.zeotap.com/ Frame 4F39
557 B
413 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52af864857a3b08cd72e8f4c4cb03433aa01e79fd5d902b998ab4baa810eda0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a2280a770d-LHR
date
Fri, 16 Sep 2022 04:58:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cmp
spl.zeotap.com/ Frame 49C5
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
74b707a28865770d-LHR
date
Fri, 16 Sep 2022 04:58:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
cmp
spl.zeotap.com/ Frame 4F39
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
74b707a29883770d-LHR
date
Fri, 16 Sep 2022 04:58:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
dcm
s.amazon-adsystem.com/ Frame 70E6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
S8N50ZSMNAG4267T7MRG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
1AGZ8MM04RJHETT6AFW9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 70E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENEZjw-wfDr8GB_Hoya5tBg&google_cver=1
43 B
880 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENEZjw-wfDr8GB_Hoya5tBg&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a50ae376a1-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qv5BMKJ2Rw2NUdFlEZELNkmzPgi6%2FlqkBXv5nrcULB2ER20DwP86m54WUUsO3jeUUysyhXvTuPPVK0STXDVF%2BKitD2GdFvIGTdCU%2B8WaYQb9EqFYh8q4v944o1FkvNoxnCVC77Zkeq92oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENEZjw-wfDr8GB_Hoya5tBg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 70E6
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 70E6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
43 B
881 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a53824dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsLLxH7BkCdPPIbkmdbV7Wjp88r3hkuh13RaBvucxGdFJ53n1Mo5fM7VLYSq%2Fs%2BeiSyCe2t9xHkl9W%2B61B08pqMOY4ZVV8%2FQ%2Fts4eZuvy753GlUsMi3jCbx0J8pYOSHUuM94rVF1BvqWYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 70E6
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.154.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-154-120.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 70E6
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.210.26.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-26-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v040-0ac16c34b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
f1j1GmgcTtk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v040-0242709c2.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qqK1l9Q6Skw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 70E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2005152939204637518
43 B
877 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2005152939204637518
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a46f6c72e5-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIyViyjC%2BAil8B7Fr0KjzCCzLULhMun0KPTJo%2FI3np6wFFDS2OlH%2B4iV5UhfqdPbnde7BXDIBY3GqKJh6i74iS%2FX5c3igUOUxYZpVHJftw4SSB0ZDWmMk2KcluW%2BcQ%2BWursAVKQW"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7086f74b-5af2-4ceb-896b-5aefe9fe8e17
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 70E6
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ebd:fba0:5325:a4e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
um
u-ams03.e-planning.net/ Frame 70E6
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=9d12aa55d264e60e&uid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
server
openresty
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
43 B
415 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a45bbf8861-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A05tRZqD9HRm2%2BSGWJSEi7gr7np4Y3UCLqB3vQKPtMkPhuaQKqzKjJI5Hie3lwEZlNh8bOkejWmGbDYIu8oX352QhUyfM0E6yqaXJDFfUA7NCQsUw4HZIp0VGhU8CcnoqkWQVNgg8kbjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
02f6544c-5f9d-4884-b99b-817a4bcf99ac
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7782151775803717278
43 B
426 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7782151775803717278
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a46bcc8861-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMYuSls7pqsP%2B8CzPUic8ss%2BW%2F8sq3RCXJppnj0zsephXSVxyVimSPgKw%2BxkfzKjoEjSZfrokieMnsCL0V7%2BZYDvTuW%2F%2BFAZGzTeSqeU6O6%2B1bTzTTr2pNQMWKuTKb2qHCbJPXUiNLcdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7782151775803717278
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76c56324-0290-4800-b067-0a9bfa0854f1
43 B
846 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76c56324-0290-4800-b067-0a9bfa0854f1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a97be2dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4gwfK2UMwEzTpuSo6dnW5GTnZEZ%2BfAbpwkitW0Lrc7nQ%2F3KnB1JnDrJY4O%2F89BqzrJCQZcPrPtIVrGHQ9KMyGHdh3NXo2IPCG1%2FK0fseZ%2F3944tJs7VLE2hUBe28I7AbZY1iJRHmRA2cg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
MT3 4505 5b23575 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=76c56324-0290-4800-b067-0a9bfa0854f1
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Sep 2022 04:58:55 GMT
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 51EE
0
177 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663304336.045990,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4033-HHN
crum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vw5pkCYS1Oz3ri5
43 B
850 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vw5pkCYS1Oz3ri5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a57862dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sptahnpees0zZ%2FtQ4qeqkvAICOshTWAM6RIwMvZsQR%2FAVpWJEndE0lTzkHMx%2BGt18LE8UUvG%2BuBl4RC%2FGuNxAL0pq9Hf7HrRiX%2F6htICKyI9O5DiCBpWUEzt%2Fli8Bx%2FaniONPGnf3xs5hw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-013e0f4b92ef8966c@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=vw5pkCYS1Oz3ri5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
43 B
842 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a719f3dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzBkhMcpwfSv9eZKKZLc40u%2BUe%2FxtkPIut9vnSqUjnsB808E7U5W98xZNPrNRdps3wQGc9f6bDEHoavLRgf8RO5soVbHjYfr3SCbNw1MoiKBKtOV7NUU9e%2Baztq5gaucz2gNg3iZXSmTXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
rum
dsum.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663390736
43 B
407 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663390736
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a4cfa872e5-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQ21wH8R1iKR%2B9m5RDcVSKIgmWwWdcvPJXElCX9RkTazzkak37mWp0mDCWVIV3f3bCrHBZTudOvGm9MSpMddaeI1uKyacOmRpraCEiVlzeH3gpOJszoNqgorK%2FfwlrXq%2Fi0ANeuH"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1663390736
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 51EE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=HFCgzRpRqp8HBqSdSVW_nxpao50HAKOdSFdI_Vej
43 B
429 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=HFCgzRpRqp8HBqSdSVW_nxpao50HAKOdSFdI_Vej
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a40b778861-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VkBv7oTE3bppS6Qi6yOfyM9KdDuzeUmqIUQDJu6sYUNEZYxTSi3nhcgODZsDiGqjmtXgsg7%2FRqoFj5Uu6Wm5%2BsqyOJh5jKIGvzbz9uKGKCTdPCxH71AbxZV3fRzIwJya32u%2FGDrLwUlcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=HFCgzRpRqp8HBqSdSVW_nxpao50HAKOdSFdI_Vej
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
um
u-ams03.e-planning.net/ Frame 51EE
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=9d12aa55d264e60e&uid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D9d12aa55d264e60e%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
server
openresty
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame FFC4
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52014
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 16 Sep 2022 19:25:49 GMT
usync.js
eus.rubiconproject.com/ Frame 6CE2
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52014
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 16 Sep 2022 19:25:49 GMT
usync.js
eus.rubiconproject.com/ Frame 7ED2
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52014
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 16 Sep 2022 19:25:49 GMT
khaos.jpg
token.rubiconproject.com/ Frame FFC4
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 6CE2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 7ED2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
cookie
cm.adform.net/ Frame 6D61
43 B
106 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 5698
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
0
384 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
Etag
c6310791a6bead55
Content-Length
0
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 1D08
627 B
543 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"62ec189b-273"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 94F1
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"601b131c-27c"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 4698
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D9d12aa55d264e60e%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abm0DAbWcvih
x-77-nzt-ray
7jh/YAi1fTU
x-77-pop
viennaAT
x-accel-expires
@1664341136
x-cache
MISS
sync
eb2.3lift.com/ Frame AFFA
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame 8707
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFybZRbaGnUbfu8Z
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Sep 2022 04:58:56 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame 4A03
627 B
543 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"62ec189b-273"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame AC95
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"601b131c-27c"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 66CD
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D9d12aa55d264e60e%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abm0DAZ8kgHB
x-77-nzt-ray
hm+h+k9TJHY
x-77-pop
viennaAT
x-accel-expires
@1664341136
x-cache
MISS
sync
eb2.3lift.com/ Frame 916C
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
csync
sync.adtelligent.com/ Frame 8FE2
0
384 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AFybZRbaGnUbfu8Z
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Length
0
Date
Fri, 16 Sep 2022 04:58:55 GMT
Etag
a9d49749090e138a
Server
Adtelligent
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1D08
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:25:25 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7929
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
mvvGEaGWT6aaVOIBLQ4OF9cHPBaS39AH4-HPs-GJmK_nAVhsWVMO0A==
GS.d
js.cookieless-data.com/ Frame 94F1
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1663304336125
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4A03
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:25:25 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7929
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
HlnMsD6wsihVnDUC_htrFHKZSdCi4KgYF-UZ9pn8u4g9jYJ698d-mA==
GS.d
js.cookieless-data.com/ Frame AC95
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1663304336150
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame FFC4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6CE2
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
media.min.js
a4p.adpartner.pro/apstc/ Frame B85F
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 9828
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 901D
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
231de341da0a811d96b736ef4faf3d339d815e11a9cddd5283f1c241ccba1912

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 7AB4
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
085d237267eb5a0678e9176b3d17e31d3ebd36ebbec8dc0ea8ab3515ea68e4ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
1891478672670948354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame B1B1
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
5503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 03:27:13 GMT
etag
9671129459699598864
expires
Fri, 30 Sep 2022 03:27:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
media
a4p.adpartner.pro/ Frame 3DD9
Redirect Chain
  • http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
  • https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
11 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8

Redirect headers

Location
https://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
162
Content-Type
text/html
32f540592c6f5d89e450bc780e487e2a.gif
cs.mobfox.com/
42 B
510 B
Image
General
Full URL
https://cs.mobfox.com/32f540592c6f5d89e450bc780e487e2a.gif?puid=03337a22247c447183df7f77147c217e&redir=[RED]
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.206 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cm-notify
creativecdn.com/
42 B
243 B
Image
General
Full URL
https://creativecdn.com/cm-notify?pi=admixer
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT, Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
t.adx.opera.com/
35 B
374 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60022&uid=03337a22247c447183df7f77147c217e
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/
43 B
772 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=533&code=03337a22247c447183df7f77147c217e
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
955b5285-3d67-4fb7-9219-f3895863294a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pic.gif
pa.tns-ua.com/bug/
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=03337a22247c447183df7f77147c217e
Requested by
Host: scripts.go2net.com.ua
URL: https://scripts.go2net.com.ua/scripts3/loader2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1
55453de97a118ce9
ads.us.e-planning.net/uspd/1/ Frame EC3D
2 KB
1 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9407330703381296&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2254922ab9-c3cc-9aea-9aed-961b35303e1d%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221f4f914d-2a4a-fa00-9fb3-65559acf9e5e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
40ca104161c8e5207fa8cc5d7704008bf16933261aff022590ab0117d760ec15

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
Fri, 16 Sep 2022 04:58:56 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-937
sync.html
s.adtelligent.com/ Frame B73F
2 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=707176
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9407330703381296&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2254922ab9-c3cc-9aea-9aed-961b35303e1d%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221f4f914d-2a4a-fa00-9fb3-65559acf9e5e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6524f525dc3a54cb7df90112bd30a18eb8e1f03fb38fd0e89b5c9573d7476579

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://zdorovia.com.ua
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1022
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:55 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 830A
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by
Host: ads.go2net.com.ua
URL: https://ads.go2net.com.ua/dsp.aspx?sender=go2net&rct=4&v=2.0&rnd=9407330703381296&cpv=1e5d5fbc-a067-d20d-30e3-751d8cb86038&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2254922ab9-c3cc-9aea-9aed-961b35303e1d%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fzdorovia.com.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221f4f914d-2a4a-fa00-9fb3-65559acf9e5e%22%2C%22tagid%22%3A%22ed2476d6-dc6a-46b4-b1f9-1613392c7015%22%2C%22ext%22%3A%7B%22ph%22%3A%22go2net_async_793069447%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22go2net%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
ev_view.aspx
ads.go2net.com.ua/
43 B
300 B
Image
General
Full URL
https://ads.go2net.com.ua/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=4&zone=ED2476D6-DC6A-46B4-B1F9-1613392C7015&rule=8CE3A43A-8167-46D4-BBE3-364D0CBC2653&requestId=5f3ef2a1-0ed6-44fc-af53-2766b58a2390&hp=1048539382&page=zdorovia.com.ua%2F&pvid=14fca020-578b-4c9b-b4e1-b9895e31474f&inst=ADS-EU-7&ts=637989011361846257&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160321&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
content-length
0
pixel
ap.lijit.com/
0
282 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%24UID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
sync.html
s.console.adtarget.com.tr/
63 B
63 B
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.70 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://zdorovia.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
63
mmr445.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/mmr445.gif?gdpr=&gdpr_consent=[GDPRConsent]&us_privacy=[USPrivacy]&coppa=[COPPA]&puid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
sfaf25.gif
us.ck-ie.com/
0
129 B
Image
General
Full URL
https://us.ck-ie.com/sfaf25.gif?puid=03337a22247c447183df7f77147c217e
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/plain
ImgSync
image8.pubmatic.com/AdServer/
0
39 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:55 GMT
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame B8F1
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124738
x-xss-protection
0
server
cafe
etag
17679908310944469603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=9&zone=CDADFE55-BA49-47D5-9918-CC04AA357B98&rule=F7CAC5CE-3E5F-4671-95C3-F259A87AC033&requestId=a1d8460f-6e1c-444c-968a-1de34e62c566&hp=1048539382&page=zdorovia.com.ua%2F&pvid=2a2a3b85-1982-4705-a405-502de09d4f9b&inst=ADS-EU-7&ts=637989011351174159&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=03337a22247c447183df7f77147c217e&cet=9&zone=2D179F8A-367F-49ED-9A1F-D77DEB57F009&rule=D1C84BF2-B360-43A6-B9BA-D08AD0CF3C93&requestId=8c21cda4-6925-425f-abea-7a3eade18973&hp=1048539382&page=zdorovia.com.ua%2F&pvid=2a2a3b85-1982-4705-a405-502de09d4f9b&inst=ADS-EU-7&ts=637989011351174159&sf=0
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=2d179f8a-367f-49ed-9a1f-d77deb57f009
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Sep 2022 04:58:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=93ae9d99-966b-415b-9964-9dc2489da01f
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Sep 2022 04:58:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=cdadfe55-ba49-47d5-9918-cc04aa357b98
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Sep 2022 04:58:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Sep 2022 04:58:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
media
a4p.adpartner.pro/ Frame 901D
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&session_pageview=2&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
5c550c8cd718513d0edee89594f2f057f6a5a8e8507572a6ed5c1dcfd9d24d59

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=2&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
ptag
a.audrte.com/ Frame EC3D
5 KB
2 KB
Script
General
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a298cac182b7f177f87aa8db4bebd5e51eef11fa67195c85a895231fc9dbf7f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1681
um
u-ams03.e-planning.net/ Frame EC3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd492d92fa9f9922a%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=d492d92fa9f9922a&uid=2005152939204637518
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=d492d92fa9f9922a&uid=2005152939204637518
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c4d150a-e133-4b22-940f-2614b8704ce1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=d492d92fa9f9922a&uid=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame EC3D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dd492d92fa9f9922a%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=d492d92fa9f9922a&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
0
0
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=d492d92fa9f9922a&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=d492d92fa9f9922a&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
dtscout20220831.js
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame EC3D
478 B
514 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
last-modified
Wed, 31 Aug 2022 19:37:37 GMT
server
openresty
etag
W/"630fb881-1de"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 15 Sep 2027 04:58:56 GMT
d
ic.tynt.com/r/ Frame 5CEB
0
0
Document
General
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.console.adtarget.com.tr/ Frame 2257
1 KB
1004 B
Document
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.70.70 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync.html
s.adtelligent.com/ Frame 2C42
1 KB
1 KB
Document
General
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=707176
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 76F2
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119676
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 14:13:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame B73F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1179679028
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1179679028
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
RX3655a1a179f9470d9482f6412bba2c43003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1179679028
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
/
onetag-sys.com/usync/ Frame 672E
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
vid.vidoomy.com/ Frame B73F
0
0
Image
General
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
ap.lijit.com/ Frame B73F
0
282 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
pod
X-Sovrn-Pod: ad_ap7ams1
access-control-allow-methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame B73F
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D537e6283-e085-4397-a301-d96a66c270aa%26redir%3D1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=537e6283-e085-4397-a301-d96a66c270aa&redir=1
  • https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
0
400 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=707176
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://sync.adtelligent.com/csync?t=p&ep=440467&extuid=03337a22247c447183df7f77147c217e
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
usync.html
eus.rubiconproject.com/ Frame 5226
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:56 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Sep 2022 04:58:56 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame EA32
2 KB
1 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50c8001e5941033a18c8c7663eb1feb3fe8b2715b4ac019d78d766dca08a8b97

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74b707a75e6ddc41-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovftZLp4gAf2tnUXwbZdpI0BZYX9VGdOkrD8n%2B0Yf0L892h6E473eOKmaIP%2BcPze2P8A5sRrYdhAc1ljZRrpkxRj9PqOEI%2FSysEBOtg4RtFaawNILz%2F%2FGfUPZ27m4Xkrh7yviYjw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 1F7B
1 KB
1002 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Lovettsville, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
136949
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
259b2491511865e45a12a4f6e01777fd
x-cf-tsc
1653097306
x-cf1
29080:fA.cdg1:co:1585621119:cacheB.cdg1-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 51E0
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 41B5
530 B
769 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90c1c5ac252719cc605d5b275a872f2f89535011d2155920bdbb33bcedde66dc

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
74b707a75cc2770d-LHR
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
server
cloudflare
vary
Origin
via
1.1 google
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1D08
155 B
644 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Sep 2022 16:53:06 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
age
43551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
iDdVXaZ4aBwmQX60rvbJ_sDSdjOT7XSWpKIyoYDNP8kmoLGAzVXtKA==
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 4A03
155 B
643 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Sep 2022 16:53:06 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
age
43551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
5vYyO2DU7VZiNaV19vzuWiS_BLTvapJPDGu4QpGjmUzHgMhOBldMQA==
zdorovia.com.ua_160x600_br1.html
file.adpartner.pro/2297/2297845/ Frame 48A3
3 KB
1 KB
Document
General
Full URL
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_1214764331083829&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F5da022c4-834d-47d9-995b-c38a3c734f90%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3f99791fabf2ef55bee6a29f3f2178a0
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"62947f06-cf9"
last-modified
Mon, 30 May 2022 08:23:34 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 6066
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame BDDC
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297845%252C%2522rule_id%2522%253A209963%252C%2522show_id%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%257D%255D%252C%2522unit_id%2522%253A1550%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25225da022c4-834d-47d9-995b-c38a3c734f90%2522%252C%2522url%2522%253A%2522http%25253A%25252F%25252Fzdorovia.com.ua%25252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
0
pragma
no-cache
server
nginx
media.min.js
a4p.adpartner.pro/apstc/ Frame 3DD9
15 KB
4 KB
Script
General
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
last-modified
Wed, 31 Aug 2022 13:16:12 GMT
server
nginx
content-encoding
br
etag
W/"630f5f1c-3ac0"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame 5252
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F&referer=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Fri, 16 Sep 2022 04:58:57 GMT
server
nginx
ls
a4p.adpartner.pro/media/ Frame 7CA0
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: http://a4p.adpartner.pro/media?site_id=444&unit_id=7434
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
7767d30e6794773d94a40f3214910da8daa8bb3ff3987efd1f05bea25a1e1a80

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 63E0
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=119676
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 17 Sep 2022 14:13:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E910
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
573 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Sep 2022 04:58:56 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 16 Sep 2022 04:58:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 1B9A
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 2C42
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
43
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame 41B5
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
95 B
152 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
74b707a89de6770d-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
date
Fri, 16 Sep 2022 04:58:56 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 41B5
557 B
413 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c44374e578eb46c8d184b1923ac7ee9dd63032dbb9769e9ce5c575d33bfaeb3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a80d66770d-LHR
date
Fri, 16 Sep 2022 04:58:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
dcm
s.amazon-adsystem.com/ Frame EA32
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
W0BTM4KM3B0YMTFR6F28
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EA32
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EA32
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
43 B
846 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a97be3dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REujwngbmecbQaCNBpVWtSsXF4FzXGsrd4euD3FGtXH5KKi45bBUhpzduYdzXjH2030rE2JfNyvZD%2BxDZiYLaul%2FQZmlmqVO%2Bph5selvGfVn%2BhTLdIRbJqro1DD7akH9eO13W2yDr%2FZQ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EA32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1
43 B
847 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a8bd5476a1-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkRKbl%2Bfz4%2BrO9%2BGechYaDYHUgNUA%2FjTjT0yjC92wEjOT%2FdNAe2zo0A3E8YQ5M4fNvW9liQeSVP2duGlP6uaGVC1fb70K2HNHR2rIXomxjTyaxjLWxAWyKyNQzWw1jkdpfrg%2FuH3PdeAXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame EA32
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H2
Server
2a05:d018:d29:3601:ebd:fba0:5325:a4e6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YyQCj3Zu_EpQ_0yXkwbANAAABKsAAAIB
date
Fri, 16 Sep 2022 04:58:56 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame EA32
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
848 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a97be4dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZePqsSlCu5w%2BbI5GZKt0YgcaFuGMymIjgt%2B0qm6%2FA%2BsbOeQaJbYfaVj0PEvUzOJRSU08YTOBo8zE1P3BQxcQcZ9gkfHzqbIUkEHLEim6bkI6j29oN%2F5HhOJ5G%2FtD8PJxO2WO4kNzK1THw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Fri, 16 Sep 2022 04:58:56 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame EA32
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
43 B
847 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707a8bb41dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2pLPt6GfG6S5L2BXF%2BRKw%2BfKflBB8pqZgA46hml57N1ZyrQDpga2QIjSvg6LD1eaYxw31MhfIBbfMofnmMJV46lgYu%2BQGlvxKJjxOVz2cXsOlUptLkPwR8c7wKzqDpT%2Brwz%2B183n9Ygyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6a9df042-b215-428d-a8c3-6650e15b540f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2005152939204637518
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame EA32
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624293210505
43 B
844 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624293210505
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707aa4c86dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJXM3zc3K9CBA4Rz32s%2BLBjRlmZqKNz8sxrd0ffchM4PzoDG3o3LDQmIpNtnBSWE3Z0EdACORB0Ejbjax7yKXlp32OCw24C%2Bx4QHKkOgN4jBMw%2Fu1EgLEZDGHFePRNuZI2AscCQHVK2qmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685624293210505
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
um
u-ams03.e-planning.net/ Frame EA32
42 B
103 B
Image
General
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=d492d92fa9f9922a&uid=YyQCj3Zu-EpQ-0yXkwbANAAA%261195
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd492d92fa9f9922a%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
server
openresty
content-type
image/gif
cookie
cm.adform.net/ Frame B8D2
43 B
105 B
Document
General
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 2257
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
0
384 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
62.149.1.122 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
Etag
a9d49749090e138a
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=c6310791a6bead55
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
Adtelligent
Etag
c6310791a6bead55
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 5226
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52013
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 16 Sep 2022 19:25:49 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 48A3
118 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_1214764331083829&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F5da022c4-834d-47d9-995b-c38a3c734f90%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3f99791fabf2ef55bee6a29f3f2178a0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74ed8fec11decd966f2e2f06640c97fd859fc349422578e8bdbdc51d7b9d753d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40631
x-xss-protection
0
server
cafe
etag
17799960455093788050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
lotame20220804.html
s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/ Frame DE21
627 B
543 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"62ec189b-273"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Thu, 04 Aug 2022 19:06:03 GMT
server
openresty
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9046
636 B
577 B
Document
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.249 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"601b131c-27c"
expires
Wed, 15 Sep 2027 04:58:56 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 87CB
49 KB
17 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dd492d92fa9f9922a%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 16 Sep 2022 04:58:57 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
Abm0DAbbiTqh
x-77-nzt-ray
Vo8daiIKyH8
x-77-pop
viennaAT
x-accel-expires
@1664341137
x-cache
MISS
sync
eb2.3lift.com/ Frame D67D
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
adxcm.aspx
inv-nets.admixer.net/ Frame A461
43 B
463 B
Document
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=D56DC09D-C39C-4BD6-BD73-03CAB4DA9C50&id=AFybZRbaGnUbfu8Z
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 16 Sep 2022 04:58:56 GMT
Keep-Alive
timeout=25
P3p
CP="NID DSP ALL COR"
Server
nginx
X-Xss-Protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame B8F1
219 B
652 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9e47f731aad7664fa881f0f5a392e368de3a1a028544fde914fdc417c75438b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B8F1
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B8F1
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D3B8
16 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64b15ee0e992068d9ef3299cbdd65b1fc3d6e8cf6ef4111e6a08bdb03beb4c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
8645
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B8F1
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c10ea2e728234e27b7c02f7ae456bbcbd141b9a8d3e12f9b0c69c7a5d09068dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11179
x-xss-protection
0
data
bcp.crwdcntrl.net/6/ Frame 1D08
20 B
306 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-7-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.1.32
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
data
bcp.crwdcntrl.net/6/ Frame 4A03
20 B
307 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-7-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:56 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.9.139
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
cookie.js
partner.googleadservices.com/gampad/ Frame 7AB4
219 B
272 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=zdorovia.com.ua&callback=_gfp_s_&client=ca-pub-4577254435597104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
0203f0b50c6adaba52ee378041f53d969a5b86c8e5b22df245979fc0d351c7f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 7AB4
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7AB4
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=zdorovia.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9D20
18 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
673a3a4942231019794c6a726c7f1d7ebb1cd7d5ef70d9fec072dbc1a82fd020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9767
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7AB4
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2dca40a34050d90011424380bc9f6173bc1df4ea0287b99db19f6e12d8a26b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11346
x-xss-protection
0
cmp
spl.zeotap.com/ Frame 41B5
0
0
Document
General
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=64b58b70-02f2-46bb-52c8-8ebb872e32fb&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
74b707a90e3f770d-LHR
date
Fri, 16 Sep 2022 04:58:56 GMT
server
cloudflare
vary
Origin
via
1.1 google
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame 568B
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2b9bc3e6-9738-4c83-aa4c-135450afdb16%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiMmI5YmMzZTYtOTczOC00YzgzLWFhNGMtMTM1NDUwYWZkYjE2IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3dafa742c51e8f59978e384dd2cb120a&showId=2b9bc3e6-9738-4c83-aa4c-135450afdb16&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:56 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
khaos.jpg
token.rubiconproject.com/ Frame 5226
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
ptrack
a.audrte.com/ Frame 2076
368 B
882 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.37&p=M1353665098&artime=2022-09-16T04:58:56.814Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P2N0PTEmcnVpbWQ9MSZkdT1odHRwcyUzQSUyRiUyRmludi1uZXRzLmFkbWl4ZXIubmV0JTJGYWR4Y20uYXNweCUzRnNzcCUzREQ1NkRDMDlELUMzOUMtNEJENi1CRDczLTAzQ0FCNERBOUM1MCUyNmlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a3a55fde2f4dadd87644c396ace78507d6e697da6c213c720b8521528c3d07a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
media
a4p.adpartner.pro/ Frame 7CA0
3 KB
1 KB
XHR
General
Full URL
https://a4p.adpartner.pro/media?id=7434&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&session_pageview=3&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
a7caa6ba90a8dbe1664a7c76a133cfc98bd16cac31164fb8f42eae0e9c6e6a06

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=7434&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22&session_pageview=3&session_id=4eb7caa5-be71-4eac-a23b-8df7aef39bad&site_visited=1&location=http%3A%2F%2Fzdorovia.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame B48E
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame F11D
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%25222b9bc3e6-9738-4c83-aa4c-135450afdb16%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:56 GMT
expires
0
pragma
no-cache
server
nginx
usync.js
eus.rubiconproject.com/ Frame E910
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 16:52:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52013
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9453
Expires
Fri, 16 Sep 2022 19:25:49 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame DE21
49 KB
16 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/823cbe91964ba8ec/lotame20220804.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:25:25 GMT
content-encoding
gzip
etag
W/"fdcd13007d5be3c218bd461a6aad998b"
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
age
7929
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
7lJV7OfI3og4viNSbAMHhMzdjfVN1U_e4hqe6NiOKCJYBuXhElzP-w==
GS.d
js.cookieless-data.com/ Frame 9046
0
535 B
Script
General
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1663304336837
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:56 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/ Frame 48A3
348 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edc10b23a71864ddb341c4d79ad18a8c86fee40514bcfba4377287b028a6f6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125748
x-xss-protection
0
server
cafe
etag
12931981309881004524
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 568B
119 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2F2b9bc3e6-9738-4c83-aa4c-135450afdb16%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiMmI5YmMzZTYtOTczOC00YzgzLWFhNGMtMTM1NDUwYWZkYjE2IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3dafa742c51e8f59978e384dd2cb120a&showId=2b9bc3e6-9738-4c83-aa4c-135450afdb16&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b74305ffd68cc61db02b96052faeb51d2d6d65add7bfa636c9799c0f40611d49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40743
x-xss-protection
0
server
cafe
etag
5459465235308154388
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:56 GMT
khaos.jpg
token.rubiconproject.com/ Frame E910
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/jpg
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame DE21
155 B
642 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Sep 2022 16:53:06 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
age
43551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 03 Aug 2022 18:30:08 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
x-amz-cf-id
slbJItdARlNRALLpmUmNhotVgBAx81bDpWXXclOFZ2-M92KUgCJ7Zw==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7AB4
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B8F1
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4577254435597104&plah=zdorovia.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
ptrack
a.audrte.com/ Frame 94C5
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.37&p=M1353665098&artime=2022-09-16T04:58:56.963Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
22c0dedec47c7f7f9b0ac3e9ee8629629aeef193a12158208e63e29b3323f118

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
data
bcp.crwdcntrl.net/6/ Frame DE21
20 B
308 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.7.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-7-180.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://s.e-planning.net/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://s.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.26.242
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame 568B
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
3295160821262730233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:57 GMT
zdorovia.com.ua_970x250_ruslan1.html
file.adpartner.pro/2085/2085828/ Frame A8B7
668 B
585 B
Document
General
Full URL
https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Ff222f845-5c88-4a56-83d3-6d9eb3361a64%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiZjIyMmY4NDUtNWM4OC00YTU2LTgzZDMtNmQ5ZWIzMzYxYTY0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D7643146b7bda97bf21f38fddcbbae689&showId=f222f845-5c88-4a56-83d3-6d9eb3361a64&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.425
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Fri, 16 Sep 2022 04:58:57 GMT
etag
W/"62947e8b-29c"
last-modified
Mon, 30 May 2022 08:21:31 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 1846
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame DF81
0
139 B
Document
General
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522fa1cf96d-c1be-40d4-8920-8069ad084f22%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2085828%252C%2522rule_id%2522%253A184323%252C%2522show_id%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%257D%255D%252C%2522unit_id%2522%253A7434%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522f222f845-5c88-4a56-83d3-6d9eb3361a64%2522%252C%2522url%2522%253A%2522http%253A%252F%252Fzdorovia.com.ua%252F%2522%257D
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-03.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
0
pragma
no-cache
server
nginx
integrator.js
adservice.google.de/adsid/ Frame 48A3
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 48A3
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C418
14 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f32d63042b35cb231ada6c726b5f9b472efa8e0e639019750151f6b00f2bd77c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
7885
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F442
14 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
478975b1f730276728ed9878a55414604b63c83db010f03d866338697880893c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
7865
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A8B7
119 KB
40 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2085/2085828/zdorovia.com.ua_970x250_ruslan1.html?adId=2085828&unitId=7434&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F7434%2F2085828%2Ff222f845-5c88-4a56-83d3-6d9eb3361a64%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM2LCJzaG93X2lkIjoiZjIyMmY4NDUtNWM4OC00YTU2LTgzZDMtNmQ5ZWIzMzYxYTY0IiwiYWRfdW5pdF9pZCI6NzQzNCwicnVsZV9pZCI6MTg0MzIzLCJhZF9pZCI6MjA4NTgyOCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D7643146b7bda97bf21f38fddcbbae689&showId=f222f845-5c88-4a56-83d3-6d9eb3361a64&apuid=fa1cf96d-c1be-40d4-8920-8069ad084f22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92a3f19eeaae0115fbb45eb907d777247702e5cc532d52a8c43f3b8b6fdd9d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40744
x-xss-protection
0
server
cafe
etag
10992560741658488215
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:57 GMT
pixel
ps.eyeota.net/ Frame 94C5
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=418gkUcdmqxRESiRagu8T5qQg&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 94C5
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5779408179993637899
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 94C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418gkUcdmqxRESiRagu8T5qQg&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418gkUcdmqxRESiRagu8T5qQg&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9073
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 84B6
72 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4df152d8092ca4305ba2a0a3d82e98f84724d71eda19667f9e70768024a4f1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26194
x-xss-protection
0
server
cafe
etag
10777501457061102784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 84B6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84B6
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 84B6
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:54:53 GMT
l
www.google.com/ads/measurement/ Frame 84B6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn2BdIxV5kvFXj6wCeRIU_SVkozx5v6_Pg9tD4jmSGzvQ9UU4Pj_AEXyetIqlpkcuh7xJhvq7WK9nKXq-MjDtTKK8NDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPS812I1XBslorw6NX1Hcakwsi7uXC_Hx_ErBxehTgAlV5XU1uXFgVTVhJ5A_nNyq5oopXomqDgBQv3D4KCtiHndtNhR7_b5uaEUis-S2Tl7D1Pnc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10072556989674425280&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=10072556989674425280&x=1&ct=76&dl=0&ds=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 27B8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 20:46:04 GMT
expires
Fri, 15 Sep 2023 20:46:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A409
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7a6e8ad7c8517a909020ef2054d008a01a9afc32d6951ad963702fa69c577f8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ttW-NJuFW6anYBCsB4B7pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ttW-NJuFW6anYBCsB4B7pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
Fri, 16 Sep 2022 04:58:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D20
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dx37WqkupOPME02gSuY7MD0WcoNdeKiqzrPhcX4hD_UWyjsRfwOWw_tDykudnaZKjutb-txwWRCiubcWEMJf9ci-k6rPO8IBcPDd5P_wi84ppMU_s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9D20
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 03:59:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9E81
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9D20
95 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUncTLtRyHX9LMtHas1ou1ZLGOApqlDh08-_tyCE2D2abQNVxfYWjuJSQ28FfuJmSwxpi3LOl8-WO6VHI698wzVLAkaxWIduehoTZg4glT2IByIKK2ouIAlGOEFnhlTyga6GVIXM3WuFhrmNXUZcvCn8MvBylOqaXWwHAFeO-VADrVedc&dbm_d=AKAmf-CTVX0HdqeMpjLkDDgk8DxeRazlqbbvEyyRTDUqWTjNlSMefFGkwK0r_wZntOD2hcd5VfaUOq2YzTe8zkKBplMAw9UIGjv8Tr91abRd3WHnNQluix0AzZ3IGt4eJ2DObaHTtyWzNmjkUinWAmuR_7Xp9YXOYwdk8oyi22U0pgWw3_9Z2MRbG0dScCpm-VtZLbDr4F_f33v_-NYld6ToB1qsJS0Keinl1q2n7YSZHHevGBm7zNAngv-O4u5ATUlIlYlOd74gFXFxSZrPOEnU9SHg1C7BjQKRUnjjuA-2sHfZieZ8oelqtjJbQDaPZHkJKfj5m9DBdm3sC8bRNlfJrUj0UYKIB8XY1f_anz-7AzY2eB9LK2Juis9NnMzAnNa7AKVo0awU2oN0J-On3XN75VYaWEmtGftzKR0xaC-lTFDhRdvL6UT5lYqKGaCL14oRKaVWsRqAUQTkCgm_gH9LO8sqKdyrCmYLaK-_s9OcZiAZXFD5vk1YFX9gPVXuA7y3t0wln46FWfc10SJm_KVOm0EKgSBGFw7UZmZWiEJlM22JoMURQkrQHKK0fz_wrbRgt7mvcOG_xk7Xc0D6GF1IGGspPZyhR8KRWW5GlRW40MfLI5P3oEoE6YndQp8FfrqO3J1R8TSHitXATnOlPIF_LwamUAbuSZdh2jSk2DU3nXXiUlLCNl_2aANMWq5aHyuiYlSq7O_-pxWQMiDvkFchLKVVs7fGx4kxBeOKyhRbsZ1tZqz3DeFX4yLoOFpfssKh2p_mt_B5kfmFNcREDk57nNyBHpsYtAk0onPwve2ZE7zbL7-gpwPXkLD6So-16GTDzd_RUCnH3bx6yzjlWVvYzdvCF5Yo18WanyKtmZCMaLc4o6WLTiUWiVubBz2JC4h8eVVOjRN-LuHEhz5pIXdA5BpY8bgG8GkIXUXd2cDXWhzmj89Jlf9GMs1KAfw_glFMs3XEE5U2_GlezDbdGJbMv6Hdqbz7DBQBaiLUctnXDpNMZAmtPvProsLeACzXRxpC2QLLFMIEPHDeZ7d-ksFv0weaXwXtuyx45L_agtOY8POcqjmcwbH-SyRVmafACDHEHYSuIpBzD5bv8TZ4cjotn30iVwm5gx6R6UQc5yjh8rkI4G3PdpK2IFjnbV5F_GW5Tyo5Kia0vJtNl0LgImNysEqKB7kNKXBGWNBun5K0AT_jNUE5y7H2LVbbvPtSy8DflYP13uxRO2F7FEGjFANhSZZwSE0EDKUZ0UtRvulYiyTL7mJNJOIncAZDE51M6H8G-jLDZfjKc8HnCX6MyXbtHs_D2H97XVmKq5CC4Xv3qXCcJ4pwGWtmd6OcyFwjLtpGC2IK9t6-vVpfG_ZbP1wD6yy5mEAHP69f7N-pQ326DUv91KWs1-ZJ1BQVa7m706QBi6DQ_SuJ27-MEFR-rkL_BEagylljAQqoAE4EH87uECNhz5vq91B1I72-g7eD3QM2eJTEpcpsT_Ff1VKw95A6cDdth-OmPlu409SQDpn9gpFIq-qt3KImGdc-MPbihWAhxCSaBKx2Nto-dFE54KLb9Xr6wGtLCKhLhNxbguuKWk--odjRlJdZb8uiScswLO8S50Ew5_i51KqbnIyHLfYld6wrakAZ1QM4Z2A-4_t03Ke9__RsH2ywgL6cth_TYU-6sfQnVbjeiPGnKviX7Xrs1TfFl3X59g2j0LymBSwa9HFU0G7gkw2JOdw8ZNS7Hd-7pAksAR1MqB4NE_vWyGKbv797KaMP57w6A5q-TrFraR7J968B7X7uZ7julCJtgz6wGxfsvt36mIgUb1m5YsmGkI0co8SLpy-EahqSXiSSSh3j2LaVKwaKq7_jZtbzHVAoZ5X2nGbyEUmu1zYJQjeOSvladPqxiNYaYCA7DWSa1JFSdCQw6DFKa3a7JeW1w0Dp49UbxpJGZbuiViIn1mqdYuHFe3IoSHSvRstBZXsje38-q38bKYLRVXUOv6zXHERFq2ysJAOuUmYGgmXBFtoDEy40-9zceYHNNgvy8_RVDQbxO_bwokvYQmX6vT79_i22h-ghj47hbY8zv18GU5fytjkPK1VC983RHE3pjKnqTFwIcFbWnM8LyuKcwCzWSlZ9wzxCFHBD185J_51wWEJNs4AXEenhEZPJqFWq3bhj4gVLCSrKzj_iOqp4euIHSZY0eVfUO8ETg9Cyx6Jk_lJFKv0CcAI_Vi3OhmaEcd2dUi7nnli5E_aDt-zTGIP0HZQhSg2Zs4-n2LobTyCBT4AcFpd1xFGC13PjDdmIBu5UNie2v04GpvZsHwnbe2j62yFfDIR4mMl_eEZ2AWLO_N0Pb9pbNXq5_9M_w4ur5HKlUZEt4gCtbhP6W9KExJOyL-1z2PWpWntC1FTzhNJWu53bXEYkf03ToFY050Npt-E03oXyTB22UC5lpI_N9sNN-DGpOLSAfcPRt3dgnEdDPYl05J_uqI2kQMW77VfaMY_Ir9iD6z4mywS18caqKwQu2foSCcUqLN9-UxbGdr4whzAPYFqBR-v0dnkIXFjd9DTieN4ZQktQrIxYe8qzWXIgyooJImN3iuklKIACsDVbeXWUxaw1AbS5yln3vg1G4krSaypu8QQjyRXbejB23IRLcT1wPxmHwbl7K4jLuu5X2sy3-Ow-QLJCX6my70MiMuf-fDvetJdno971GcOW_i-2OtADSSxTU-ur1tBlTpAoaz_eqtokCiM94wLd062rmeSudhmRduJ8H2n6WUl9rboOpk4CaN41yV_6-FJxgz7wikrSSbsG_js6O8Q-h8tDnTLvmRBiHEtpmCfFulusprxDmO3M8KQFOSEivCHNhNoH1lMc9OhhkosK07V9sph1YVMbFD4mXa5GrTsVvgmsQaPRr8rfsPyeTMlOMtad5PKTudXpV9wHOYUEv6Jt46_FMWGdCIlSTQ5kPV_zz5RruMAra7SZVwoPhVrZJJ0-e1IJEa2AHWa-rdr2XG36EKSEKC26SywpEGH2x06ZWMlA3gke_CJ02XjR-rL_ACnhHRlCoEb7UgKRCtAyv_hIrWuEFZ-1bPArCsuYwYInYLLi1kHnDwhwNPNJH0kHE2dPnYCgSbbn3H3mkHRimgepLB70FFC1FuXXDb5O7IV9XE8V9wJrgmTPvIVLBywF7yfSH4ZpAP3t2XWK4uAHqCj2EHAWKl78aeFEKIVuxXRdFON_ZvjddGOUt8PIWuBv4uEyt70ikqEaOPzLJsj6dQ&cid=CAASEuRoDYTQBczhhnfgOYAi467z3g&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b09fa1e6c8b988c3ce941bc127875d077cfb2b38a4549bf9d8f20605a120a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35580
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1643
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 20:46:04 GMT
expires
Fri, 15 Sep 2023 20:46:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2032
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8be5b5f0fff7b384ece1fe5afcabe7e2f4549f47e20fc33406186a77ec535b9a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1mODVVhmwi7L0Og_aPy74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://zdorovia.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-1mODVVhmwi7L0Og_aPy74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
Fri, 16 Sep 2022 04:58:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
p
a.audrte.com/ Frame 2076
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7243443043593630516
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 2076
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 2076
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D20
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 9D20
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:54:53 GMT
l
www.google.com/ads/measurement/ Frame 9D20
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQoBjyCwZT7wXuIvrdZ1ZB26jQMGkRk_S27WLZiNQrj-CbmANBoNQBS-nPJFatTL8eu-yyxuLyRZag1E_yIcIlGuICiig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

integrator.js
adservice.google.de/adsid/ Frame 568B
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 568B
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 019D
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820319&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336992&bpp=13&bdt=119&idt=220&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=2499671178418&frm=8&ife=1&pv=2&ga_vid=69173635.1663304337&ga_sid=1663304337&ga_hid=1111988166&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3900141726&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44772927&oid=2&pvsid=3083802158083473&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.4inljfa8vab0&fsb=1&dtd=233
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9073
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
43 B
841 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707ac4ef6dc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ozPXM0YvQqTMufkugyIKePfbPDymVVNib6utd5Hyw7QcGyjYwvasrj7UsIUFqDr6XVUj7DH1blwIf8iu9KJ5dy2l9wkmFHftrYEwjzhvHbzkLNlZLsES757rMeRx5GIu%2FnI1IQU2CMW1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9073
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyQCj3Zu-EpQ-0yXkwbANAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
43 B
846 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray
74b707accf6fdc67-LHR
pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUujqcOmOFUxXxxvDi2H9KXiXDBTvDxBac3qJX7%2FxCBIhp60iwWInEYBGTl%2B34%2BMF32sz1Ny8B7V3ZWktgDvRJF9ADlH0GYqIXPytgclaW7Zop1DrKkvO%2BpPGTc7RKA7QJjxWr9lrgHXiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEACCSHEnJ2g9Ac4EmVl22MQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9073
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENlxP6FSmJLBzk-YiRRKDkM&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENlxP6FSmJLBzk-YiRRKDkM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Protocol
HTTP/1.1
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:57 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a20f0f77-5530-489a-957c-592557d7e52f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENlxP6FSmJLBzk-YiRRKDkM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9073
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNTE1MjkzOTIwNDYzNzUxOA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNTE1MjkzOTIwNDYzNzUxOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYtcmJDDAB&v=APEucNVD6u1WALcoYB9KjqqAiStq7Hql6xvyKdkjQ-cCLE7YzitbP2EWijbeBEUKmDqpSJMu7mEZFQeGz9d_YMlRlieKdeqKyrjhI5uSmFuxxb8GUhDToLmctzZ8OwUQAgv-kquj8nF3OdJSQ0obMg8gPtJXPQGzCp0ZNGP-LAozh2Pcm4hepto
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:57 GMT
X-Proxy-Origin
82.199.130.37; 82.199.130.37; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d1cad9f6-1ca7-43f7-9f9d-2482e9a04505
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAwNTE1MjkzOTIwNDYzNzUxOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ Frame A8B7
346 KB
122 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124739
x-xss-protection
0
server
cafe
etag
3295160821262730233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Sep 2022 04:58:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4352084463851&version=m202207220101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4352084463851&version=m202207220101&ct=76&x=1&cor=10072556989674424000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 84B6
96 KB
35 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI4JaHfrKz3vlzU6T6Raks9BQPmwgo7VajwagBYtido0GCVrFKgKk4aWsGuxdggVBjT2MzjJ9ZJGd-qSwXXJzdqCoPXDK4eI5_BP6MEUXATov2Vs21pUXxR4wkQV6cuwXe0nxkDXDDt5m9EEBeXGZkluaSkmnOWmKCc76ruhe59TWh8NI&dbm_d=AKAmf-Bd4-kaaEEbLHhZCszYtL6E06QexuK-8Gp4P2vVDy7nMEHzT9uxzBjhCKuOxOOf8wbvdWStpxKagZPMuiE8wfD0G1w48COUzfEzCzCMiQAJ5l9-8jQwVDarS1GL8KA-jXKzMPvMcgtkNqK9A40Bh-n6rwYC4x7DQYzFsgRUaQ1xa2DDmj8nNi5IQWVad8WElt_ZlSoF1Sb9Q7OjaTgjUqI_QkqphiXi9sQiNCfE6poIRRSTBq2LG2L_Irxm8jnzPyRDrzvQOEwun766ELOAR-s8sONctOYOzEOT3MruEr-M8CzrbKeGhyXapH2p9byizSe3_QrgVp3QEdw6tyseR76jmLlnhM9GctmwcgdgZYJLo2nTRpRwZOspPXLvT4RHIdOM69VFT3SZNv0jBRMlYgcus-kMPxr6agpeSqlatvSZwSHDqFJfpeWY0CzsTvXzkS1l-dx_QhPwRboVS6BUa_kuc7bjg935E59gpQ_f3hCfjrsAKxDbvayDZJ92wti2dIYzJLxae6lygyiV8S_1pMEzgJDyX3pLzi60vGtzeg-9z-Ay0WBDuW1N0WRI7DRbxevRDdIwPFLMS5l6eIztH_wmc4Tkt5xOsAebishPVu2t0_Jj_ygZZkZkB7_g5TQBBwSv7_6sM6A1wf-gBOanRYyWf_64QHO9Xk82-MS274uX6ifxLmDRQkWd-Fg8N6Mu1rfZQIYtOF9yNprsyqZc5LUpod6NZNKZAKi7Z9_shRBXcQwP6nCp3sub8nooxSCiGBhI7J7R9Nh48BxOh2nyq3fQVbcp0BD6hD4tATbtbjqT7XmoQIse2cr9UHfFkE-3FEpewgLUA9crIYvX1itKr6frQywHnHHWkzcFwugACFFN_n123BE1xcamzF70iJR5hMnDGSBbPiWIz-5gwZnATf6NsDxzRgGznGSytFcfAvDrNl3yLYafiyVp7_cLeZH4LDlQWZFcs3P0jrG3hgr2HlhG2D2_bFDX8bHGyHIIj4EdZ6NnFT9IOTj8s9DnW5i8iHilBLePDwwTCFuY5exEKBDVKxjMVa2FlXGUTKnT9TDhHtGC0_YZ37mPfIxgsfGh_1Gx3h6wId4WSc4VHA3nHUlPupKACfgv4lOtQke4namvRo16ICX9wXBAskOJj9pH-whsjPpyape6Ie5O0DGm_Jou5LI--mfQ7Md2MdHR4pq-7R01DwDU8ePYq3cO89F4UPzUBhCPHg21njH17pYE4NU1P8y0he9pUyv7RuUWNP59v89PG968FbaULy65vQ1F5w7Madc_BcaQ_DIvLMswa2hDq3GjabeoiadspPLGy-jF3qBvarIrfM_pMNdGIrC3-1Ht7dvhOPpyA3G_g6to7MMWxCoHzrJn2HgszATAkhaemN2oofPN1LlTI4EZo32q5aQRUduWcm_ueiu4kLjDyf6M03KIMZf8dLrx73rafp8T6us4-i_Ymp3HZY7EsbaUG9pcqoMWPIlZ5Lud2IyvErQFEAPeHXe5NAQh3p4Dv7YUf0AUFf4J5GIl7hgPnAdspioofDCvgsZVavFmBIjrvtQnHCavTFb-6fElGdhcC3uKdxoFwrx6CrhKvj7MPt7zDWi6JbxdUlnNnTVPxoAKX8rOkZRLbZCAYn7sVaISfN0KoTFzFovm0TYd7tfFWAvS7QA9Ap0H7Y-BU9nVjjxMbyzzjuAZWjeh9X54qYzm38bHz76SrCSXppyuiB4Hhf1M25MxaZqGx1Ao1mKoBZyAEL000iMfnZroI0nieQCZK79u7blGtcUVEj-mDP6e2OANDD5aUC211IvHDR2ilqCsf8USqKHWlJ4ox4xTYaW13ZbBWDk-tuP-jXUazEiTME1pJGqiDLfoo7SlAClDR4mohvTWwtrP5opePURFDb-9Nm6hKnYU_n76q4VC5TAD9Flg3s7GEebvJzzYxIvtjIK3Vo9G_tkPQAA40Zk84tq_KPg9SZDnuU0mwci27J5j5xHnEOwZr9xKLIjRVYtUsq2JThLK8ezophiEYnv8bcJsgTJKEVUoMKR1NJC5a0xy6B1uY3Jckg5Z2Qvsk-DnJ2asXYFyCFouhAvQJW3DJd30w65LYodNK_AIi3l9zV-2Cj_1gPTZ7uFazJyhuAyutlObNG0USgzJlwis9YWFOXJDrSuoBJthLBKuS276pN_81HfMV6GqFqHJqag1fHggtmabUG6G2IB0lk3dczEmw4aXor0lhUXE4HF_8NKq9dCF2jvVvFGjjTMNAmLT0BLO3KBXPSRCUXF_Ftyv22E6NEA0Yg2HeE7tyEgwEhYmQ4Xp8amB2hytoAAT4qWegjHDYtpb0NO-Zs18K-myvRc-7UMYeQLR_AZMxwV1BRCisZNqdtjw97y4m0hQ0Cup6qYcjK35ANOqhETnUDNLq6QWrwq0qw9ao_6zWnmsMbztRnvzelBqDQ5c2u0a8NL5jn_2CtPIpzzs5DQ01XrfF3AU5ON3ekNbFLk7QlHxykkpmZ1WYv1qlDJ5gS4CEguv6XAzBcVfll6VAWg8EnwRVzKrgkBQpalVwX164nrfzkPQHMwvaXoOtNL2IE7Kzi4VfWp_V34v_iLfrb_5dom2sLAf5iRfT0L7BU_NPZGzlSvCRYDM1yJAGUA1Q8rytPwXLYYt11EGPXP7jFvKN4hsmxnYYcyghTBEAy_Ic8zvyLS-3M6PoWA4k8njNZCuy9vOCfquL26EhlVvcka7qeBLWzdevLZ7s4I7KAj2D6Olm1g2HNOBClWFpLnPsUk3wJn6z88uUtWtKT8NHNYDRuPlobIDhq4_TS97naLfXjt0JCWui2t9Ae1Zk_XghNIhYV2ew8NHl-PLtiq9N4sVez0OZeriGKnw-P69J6mVsa9i_0oTnjbLN7S21y1lZNxUhawcAG5Zvmy7c1MEVO1Iv_DRANNc8fdFYKOlZbZQxZiyxNAqkTmXGyHoVRjPqbwnHuy_wBY5omFVwneTE4DfzTSbQQ582mZRl3vbh8zga5Pn_GDcse5X8Wm0lzGW8NYrp8MpW8NTduPUj1uKjFIFZVugUUKea1SB_njjfIK-8mfVyuCClGpXRWi7uVTgDxj3AfUdmSwDUvWBq1pNqq26BVFTwqjLb1mS5KgI_0ETrSu-haWAXzAAOO5YrPJzYLYZdk3bfNFoKEuoRfWc38A7JKtbbrV22EBzpGw4IuW6A8VTskcd4_rDZueRyy8uPgF81aXSWCsOrhs2mFQV_-SBj0YiMT6JsyFSTfKtma7FPoI&cid=CAASEuRoKlAZCmU6yRR3t-M-TCSWjA&dv3_ver=m202207220101&rfl=http%3A%2F%2Fzdorovia.com.ua&ds=l&xdt=0&iif=1&cor=10072556989674424000&idt=103&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73c064e058ee20b885cdccf610f33e48b6086ec93a06bcfc2b57f0ef1687f2bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35768
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9E81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvTTBbwHYTihb2EPZHRKo8&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvTTBbwHYTihb2EPZHRKo8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOvTTBbwHYTihb2EPZHRKo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9E81
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9E81
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGx4FxUG3g84H-g3ipbFc60&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGx4FxUG3g84H-g3ipbFc60&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 16 Sep 2022 04:58:57 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGx4FxUG3g84H-g3ipbFc60&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9E81
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrbuLCzAB&v=APEucNU21q0Lvj1I09EKPQ8GJLtxo6uTfPz4BixmbbKade9cXrtHfCsKU13gfmXu6kMaaDB3UX9jex1BNL7PZht2KlGmTPdAK-h5o9MSWIGIac5oxxYd5dHKpsd5ITi0zGmkaf-ZTC-YO2TSosmBoiQkQov2FnVIOAFfs92MIpN8ciogyFYOUhY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 16 Sep 2022 04:58:57 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif
logcz.aspx
ads.go2net.com.ua/
0
220 B
Image
General
Full URL
https://ads.go2net.com.ua/logcz.aspx?zone=ed2476d6-dc6a-46b4-b1f9-1613392c7015
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.0.227.107 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Sep 2022 04:58:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9D20
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 9D20
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUncTLtRyHX9LMtHas1ou1ZLGOApqlDh08-_tyCE2D2abQNVxfYWjuJSQ28FfuJmSwxpi3LOl8-WO6VHI698wzVLAkaxWIduehoTZg4glT2IByIKK2ouIAlGOEFnhlTyga6GVIXM3WuFhrmNXUZcvCn8MvBylOqaXWwHAFeO-VADrVedc&dbm_d=AKAmf-CTVX0HdqeMpjLkDDgk8DxeRazlqbbvEyyRTDUqWTjNlSMefFGkwK0r_wZntOD2hcd5VfaUOq2YzTe8zkKBplMAw9UIGjv8Tr91abRd3WHnNQluix0AzZ3IGt4eJ2DObaHTtyWzNmjkUinWAmuR_7Xp9YXOYwdk8oyi22U0pgWw3_9Z2MRbG0dScCpm-VtZLbDr4F_f33v_-NYld6ToB1qsJS0Keinl1q2n7YSZHHevGBm7zNAngv-O4u5ATUlIlYlOd74gFXFxSZrPOEnU9SHg1C7BjQKRUnjjuA-2sHfZieZ8oelqtjJbQDaPZHkJKfj5m9DBdm3sC8bRNlfJrUj0UYKIB8XY1f_anz-7AzY2eB9LK2Juis9NnMzAnNa7AKVo0awU2oN0J-On3XN75VYaWEmtGftzKR0xaC-lTFDhRdvL6UT5lYqKGaCL14oRKaVWsRqAUQTkCgm_gH9LO8sqKdyrCmYLaK-_s9OcZiAZXFD5vk1YFX9gPVXuA7y3t0wln46FWfc10SJm_KVOm0EKgSBGFw7UZmZWiEJlM22JoMURQkrQHKK0fz_wrbRgt7mvcOG_xk7Xc0D6GF1IGGspPZyhR8KRWW5GlRW40MfLI5P3oEoE6YndQp8FfrqO3J1R8TSHitXATnOlPIF_LwamUAbuSZdh2jSk2DU3nXXiUlLCNl_2aANMWq5aHyuiYlSq7O_-pxWQMiDvkFchLKVVs7fGx4kxBeOKyhRbsZ1tZqz3DeFX4yLoOFpfssKh2p_mt_B5kfmFNcREDk57nNyBHpsYtAk0onPwve2ZE7zbL7-gpwPXkLD6So-16GTDzd_RUCnH3bx6yzjlWVvYzdvCF5Yo18WanyKtmZCMaLc4o6WLTiUWiVubBz2JC4h8eVVOjRN-LuHEhz5pIXdA5BpY8bgG8GkIXUXd2cDXWhzmj89Jlf9GMs1KAfw_glFMs3XEE5U2_GlezDbdGJbMv6Hdqbz7DBQBaiLUctnXDpNMZAmtPvProsLeACzXRxpC2QLLFMIEPHDeZ7d-ksFv0weaXwXtuyx45L_agtOY8POcqjmcwbH-SyRVmafACDHEHYSuIpBzD5bv8TZ4cjotn30iVwm5gx6R6UQc5yjh8rkI4G3PdpK2IFjnbV5F_GW5Tyo5Kia0vJtNl0LgImNysEqKB7kNKXBGWNBun5K0AT_jNUE5y7H2LVbbvPtSy8DflYP13uxRO2F7FEGjFANhSZZwSE0EDKUZ0UtRvulYiyTL7mJNJOIncAZDE51M6H8G-jLDZfjKc8HnCX6MyXbtHs_D2H97XVmKq5CC4Xv3qXCcJ4pwGWtmd6OcyFwjLtpGC2IK9t6-vVpfG_ZbP1wD6yy5mEAHP69f7N-pQ326DUv91KWs1-ZJ1BQVa7m706QBi6DQ_SuJ27-MEFR-rkL_BEagylljAQqoAE4EH87uECNhz5vq91B1I72-g7eD3QM2eJTEpcpsT_Ff1VKw95A6cDdth-OmPlu409SQDpn9gpFIq-qt3KImGdc-MPbihWAhxCSaBKx2Nto-dFE54KLb9Xr6wGtLCKhLhNxbguuKWk--odjRlJdZb8uiScswLO8S50Ew5_i51KqbnIyHLfYld6wrakAZ1QM4Z2A-4_t03Ke9__RsH2ywgL6cth_TYU-6sfQnVbjeiPGnKviX7Xrs1TfFl3X59g2j0LymBSwa9HFU0G7gkw2JOdw8ZNS7Hd-7pAksAR1MqB4NE_vWyGKbv797KaMP57w6A5q-TrFraR7J968B7X7uZ7julCJtgz6wGxfsvt36mIgUb1m5YsmGkI0co8SLpy-EahqSXiSSSh3j2LaVKwaKq7_jZtbzHVAoZ5X2nGbyEUmu1zYJQjeOSvladPqxiNYaYCA7DWSa1JFSdCQw6DFKa3a7JeW1w0Dp49UbxpJGZbuiViIn1mqdYuHFe3IoSHSvRstBZXsje38-q38bKYLRVXUOv6zXHERFq2ysJAOuUmYGgmXBFtoDEy40-9zceYHNNgvy8_RVDQbxO_bwokvYQmX6vT79_i22h-ghj47hbY8zv18GU5fytjkPK1VC983RHE3pjKnqTFwIcFbWnM8LyuKcwCzWSlZ9wzxCFHBD185J_51wWEJNs4AXEenhEZPJqFWq3bhj4gVLCSrKzj_iOqp4euIHSZY0eVfUO8ETg9Cyx6Jk_lJFKv0CcAI_Vi3OhmaEcd2dUi7nnli5E_aDt-zTGIP0HZQhSg2Zs4-n2LobTyCBT4AcFpd1xFGC13PjDdmIBu5UNie2v04GpvZsHwnbe2j62yFfDIR4mMl_eEZ2AWLO_N0Pb9pbNXq5_9M_w4ur5HKlUZEt4gCtbhP6W9KExJOyL-1z2PWpWntC1FTzhNJWu53bXEYkf03ToFY050Npt-E03oXyTB22UC5lpI_N9sNN-DGpOLSAfcPRt3dgnEdDPYl05J_uqI2kQMW77VfaMY_Ir9iD6z4mywS18caqKwQu2foSCcUqLN9-UxbGdr4whzAPYFqBR-v0dnkIXFjd9DTieN4ZQktQrIxYe8qzWXIgyooJImN3iuklKIACsDVbeXWUxaw1AbS5yln3vg1G4krSaypu8QQjyRXbejB23IRLcT1wPxmHwbl7K4jLuu5X2sy3-Ow-QLJCX6my70MiMuf-fDvetJdno971GcOW_i-2OtADSSxTU-ur1tBlTpAoaz_eqtokCiM94wLd062rmeSudhmRduJ8H2n6WUl9rboOpk4CaN41yV_6-FJxgz7wikrSSbsG_js6O8Q-h8tDnTLvmRBiHEtpmCfFulusprxDmO3M8KQFOSEivCHNhNoH1lMc9OhhkosK07V9sph1YVMbFD4mXa5GrTsVvgmsQaPRr8rfsPyeTMlOMtad5PKTudXpV9wHOYUEv6Jt46_FMWGdCIlSTQ5kPV_zz5RruMAra7SZVwoPhVrZJJ0-e1IJEa2AHWa-rdr2XG36EKSEKC26SywpEGH2x06ZWMlA3gke_CJ02XjR-rL_ACnhHRlCoEb7UgKRCtAyv_hIrWuEFZ-1bPArCsuYwYInYLLi1kHnDwhwNPNJH0kHE2dPnYCgSbbn3H3mkHRimgepLB70FFC1FuXXDb5O7IV9XE8V9wJrgmTPvIVLBywF7yfSH4ZpAP3t2XWK4uAHqCj2EHAWKl78aeFEKIVuxXRdFON_ZvjddGOUt8PIWuBv4uEyt70ikqEaOPzLJsj6dQ&cid=CAASEuRoDYTQBczhhnfgOYAi467z3g&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:29:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 9D20
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUncTLtRyHX9LMtHas1ou1ZLGOApqlDh08-_tyCE2D2abQNVxfYWjuJSQ28FfuJmSwxpi3LOl8-WO6VHI698wzVLAkaxWIduehoTZg4glT2IByIKK2ouIAlGOEFnhlTyga6GVIXM3WuFhrmNXUZcvCn8MvBylOqaXWwHAFeO-VADrVedc&dbm_d=AKAmf-CTVX0HdqeMpjLkDDgk8DxeRazlqbbvEyyRTDUqWTjNlSMefFGkwK0r_wZntOD2hcd5VfaUOq2YzTe8zkKBplMAw9UIGjv8Tr91abRd3WHnNQluix0AzZ3IGt4eJ2DObaHTtyWzNmjkUinWAmuR_7Xp9YXOYwdk8oyi22U0pgWw3_9Z2MRbG0dScCpm-VtZLbDr4F_f33v_-NYld6ToB1qsJS0Keinl1q2n7YSZHHevGBm7zNAngv-O4u5ATUlIlYlOd74gFXFxSZrPOEnU9SHg1C7BjQKRUnjjuA-2sHfZieZ8oelqtjJbQDaPZHkJKfj5m9DBdm3sC8bRNlfJrUj0UYKIB8XY1f_anz-7AzY2eB9LK2Juis9NnMzAnNa7AKVo0awU2oN0J-On3XN75VYaWEmtGftzKR0xaC-lTFDhRdvL6UT5lYqKGaCL14oRKaVWsRqAUQTkCgm_gH9LO8sqKdyrCmYLaK-_s9OcZiAZXFD5vk1YFX9gPVXuA7y3t0wln46FWfc10SJm_KVOm0EKgSBGFw7UZmZWiEJlM22JoMURQkrQHKK0fz_wrbRgt7mvcOG_xk7Xc0D6GF1IGGspPZyhR8KRWW5GlRW40MfLI5P3oEoE6YndQp8FfrqO3J1R8TSHitXATnOlPIF_LwamUAbuSZdh2jSk2DU3nXXiUlLCNl_2aANMWq5aHyuiYlSq7O_-pxWQMiDvkFchLKVVs7fGx4kxBeOKyhRbsZ1tZqz3DeFX4yLoOFpfssKh2p_mt_B5kfmFNcREDk57nNyBHpsYtAk0onPwve2ZE7zbL7-gpwPXkLD6So-16GTDzd_RUCnH3bx6yzjlWVvYzdvCF5Yo18WanyKtmZCMaLc4o6WLTiUWiVubBz2JC4h8eVVOjRN-LuHEhz5pIXdA5BpY8bgG8GkIXUXd2cDXWhzmj89Jlf9GMs1KAfw_glFMs3XEE5U2_GlezDbdGJbMv6Hdqbz7DBQBaiLUctnXDpNMZAmtPvProsLeACzXRxpC2QLLFMIEPHDeZ7d-ksFv0weaXwXtuyx45L_agtOY8POcqjmcwbH-SyRVmafACDHEHYSuIpBzD5bv8TZ4cjotn30iVwm5gx6R6UQc5yjh8rkI4G3PdpK2IFjnbV5F_GW5Tyo5Kia0vJtNl0LgImNysEqKB7kNKXBGWNBun5K0AT_jNUE5y7H2LVbbvPtSy8DflYP13uxRO2F7FEGjFANhSZZwSE0EDKUZ0UtRvulYiyTL7mJNJOIncAZDE51M6H8G-jLDZfjKc8HnCX6MyXbtHs_D2H97XVmKq5CC4Xv3qXCcJ4pwGWtmd6OcyFwjLtpGC2IK9t6-vVpfG_ZbP1wD6yy5mEAHP69f7N-pQ326DUv91KWs1-ZJ1BQVa7m706QBi6DQ_SuJ27-MEFR-rkL_BEagylljAQqoAE4EH87uECNhz5vq91B1I72-g7eD3QM2eJTEpcpsT_Ff1VKw95A6cDdth-OmPlu409SQDpn9gpFIq-qt3KImGdc-MPbihWAhxCSaBKx2Nto-dFE54KLb9Xr6wGtLCKhLhNxbguuKWk--odjRlJdZb8uiScswLO8S50Ew5_i51KqbnIyHLfYld6wrakAZ1QM4Z2A-4_t03Ke9__RsH2ywgL6cth_TYU-6sfQnVbjeiPGnKviX7Xrs1TfFl3X59g2j0LymBSwa9HFU0G7gkw2JOdw8ZNS7Hd-7pAksAR1MqB4NE_vWyGKbv797KaMP57w6A5q-TrFraR7J968B7X7uZ7julCJtgz6wGxfsvt36mIgUb1m5YsmGkI0co8SLpy-EahqSXiSSSh3j2LaVKwaKq7_jZtbzHVAoZ5X2nGbyEUmu1zYJQjeOSvladPqxiNYaYCA7DWSa1JFSdCQw6DFKa3a7JeW1w0Dp49UbxpJGZbuiViIn1mqdYuHFe3IoSHSvRstBZXsje38-q38bKYLRVXUOv6zXHERFq2ysJAOuUmYGgmXBFtoDEy40-9zceYHNNgvy8_RVDQbxO_bwokvYQmX6vT79_i22h-ghj47hbY8zv18GU5fytjkPK1VC983RHE3pjKnqTFwIcFbWnM8LyuKcwCzWSlZ9wzxCFHBD185J_51wWEJNs4AXEenhEZPJqFWq3bhj4gVLCSrKzj_iOqp4euIHSZY0eVfUO8ETg9Cyx6Jk_lJFKv0CcAI_Vi3OhmaEcd2dUi7nnli5E_aDt-zTGIP0HZQhSg2Zs4-n2LobTyCBT4AcFpd1xFGC13PjDdmIBu5UNie2v04GpvZsHwnbe2j62yFfDIR4mMl_eEZ2AWLO_N0Pb9pbNXq5_9M_w4ur5HKlUZEt4gCtbhP6W9KExJOyL-1z2PWpWntC1FTzhNJWu53bXEYkf03ToFY050Npt-E03oXyTB22UC5lpI_N9sNN-DGpOLSAfcPRt3dgnEdDPYl05J_uqI2kQMW77VfaMY_Ir9iD6z4mywS18caqKwQu2foSCcUqLN9-UxbGdr4whzAPYFqBR-v0dnkIXFjd9DTieN4ZQktQrIxYe8qzWXIgyooJImN3iuklKIACsDVbeXWUxaw1AbS5yln3vg1G4krSaypu8QQjyRXbejB23IRLcT1wPxmHwbl7K4jLuu5X2sy3-Ow-QLJCX6my70MiMuf-fDvetJdno971GcOW_i-2OtADSSxTU-ur1tBlTpAoaz_eqtokCiM94wLd062rmeSudhmRduJ8H2n6WUl9rboOpk4CaN41yV_6-FJxgz7wikrSSbsG_js6O8Q-h8tDnTLvmRBiHEtpmCfFulusprxDmO3M8KQFOSEivCHNhNoH1lMc9OhhkosK07V9sph1YVMbFD4mXa5GrTsVvgmsQaPRr8rfsPyeTMlOMtad5PKTudXpV9wHOYUEv6Jt46_FMWGdCIlSTQ5kPV_zz5RruMAra7SZVwoPhVrZJJ0-e1IJEa2AHWa-rdr2XG36EKSEKC26SywpEGH2x06ZWMlA3gke_CJ02XjR-rL_ACnhHRlCoEb7UgKRCtAyv_hIrWuEFZ-1bPArCsuYwYInYLLi1kHnDwhwNPNJH0kHE2dPnYCgSbbn3H3mkHRimgepLB70FFC1FuXXDb5O7IV9XE8V9wJrgmTPvIVLBywF7yfSH4ZpAP3t2XWK4uAHqCj2EHAWKl78aeFEKIVuxXRdFON_ZvjddGOUt8PIWuBv4uEyt70ikqEaOPzLJsj6dQ&cid=CAASEuRoDYTQBczhhnfgOYAi467z3g&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttp%253A%252F%252Fzdorovia.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:51:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C418
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFZQdbCpDm7CV4_VYEmxuLITpLElIywvjajKBmkSJLrY5gLeh60T392ekHcP2_q8eSEc_BMNkQwUvWyIQnMKaatn4fOhN6vtCu6iHZeQusAc14HAk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C418
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C418
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C418
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:54:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F442
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtYhIAmLiZyLxfAhTI_lJGmbMHo2MzBk0N-DqHwH9dxjc3D0pBGs1hYylid3eB0W0dQtElKJOzppAZIAN59TKG-CWs1Oo8XoIa0phL7X6wK1DlOdU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F442
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 03:59:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F442
141 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F442
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:54:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D8AE
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNXA4UV0IMgu3murVA5Sfba-GUFlS4AtskTNZU0nz2fvLvu0PyJ5ya5UQrAo6EMJ2DjgmiqKmCybe9tl_z1ig-0s6q51fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C418
80 KB
34 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKZHTcilbGU95rxS6yUu_XHMrXOcAOn8PnVOsVJvRmjZz4W_49K-WaHLJOfkBUGKy4iW19ZM_s-L2V-_08ldC-HsyLNQ&cry=1&dbm_d=AKAmf-Bb5pQiZKtkf97T9Ls5ydUZD77ExlJ9iLYNyjook_uY2Smw_Nn8HbXlwxG86Gom1Iv9sd5OCXpncBgPJgXJ0wWu9rzIhHNNPJ2aUJf6jt0szE0ISQQnpKD-NiWVDnRw_Zt3rY7kZoOB889NNRPR8bCWuOduTGJYMrWXvyuqAfccJWqSdv9tbq7IA9_7fmPnl2tBukBprMLNhTR74efqovmYz3q-u6yhJ96_Mrd1kTz_HZEnhMlWqKaZQn8BuNHSleOPEo0HBlvLPrqWvMvNE7oda_QE43zhTk2oP-7dgXEDfV3mHULjquyvMEjXrOguIQEn6VdyJbnHlJSEZKDRI-2KH_ccBTS7j2hxxFASoPYX-bWctteRn6jLiQTrPZsqkGNd2Ei4Ar0GzCPZjSzcADMASI5PcjV5RyVuTJ4IJamN7pOOK-pc7-leueRdjrb5cJsZ11YC2A2HGUVW4BCe9GmAFLwEDlsLXXJbDqlO9LMun2pUKU6_KqQfbhJG3kSO8xIabDlXKp2tSh-kJSwpqg2VbZArHXEQ2P_8thr9DBLHBSU2QwQZ73u-lsxBkxOrj8UldSSZsi1oZgZA2oonGyskV86PBUNpInXd9YCSSsN_v3mgXy6Er5y6j1Hn7a1-AZ3feMwWzjM5Ma_hO-FXuyKSMBOQnrXamCKRPJbxAPDrYkL6eKBsU_6kmQCXxN84RoOQa_a2qHJZcGBL0s_-n2_MLeTsIf6ENYvYZrMCr6PDsR2RhVQVOXSXulOwJrESsD5gP9U2SSzkIQ11uxmSpm5gSxkbkp1vu-p2vFw5L1OHLUXcXCVt9gH6KEGiI-5V22T_T-Pvd1Ew732YvcYSOmxVKwKa-ehp1M0BNItgXYm4f8MMceTf-2wEOBpZ1m4NdEg7Re0q9cptn1lVVF9FdccpA1GSmBkUbo-iBfIrUzioyZWWY0TMIb8HWJgL2l0_5I_gU-Skl4dape1n4nXPEGlKmJuaUJvBQ2Obl2ltrRMjxDZ1b8WiSR3cVOU4QQKTTmERxDGicBiWeH7l-ZvwLVk7soc5OPYJJhcpGyfTp1HJE73G3oipOYLse3ns2j-pc2gVhdAdD7ezAJ3TT_vyOAwrsWCYfnnRiJaO3plwO3iNujyKJ_JhAWkOsvaT1hC6Usz_FhDWb-dELXEfG8H1DvgH82OtRdu7TaVN8gfjF0Odp6x3IkW5ieTtB6kXaY62yHYOVenM-2SBog3PdSqMduCRJKgzqf8_U9N6_yBeGz9aZbZKeFltNyRocUbdX8-k4sTvtye4zlwTJLtLRSu3DxqJtWus1ODumleaRwVXOLLMoMwp8M1eitHzrFFDG8tyZgRxcgjF7aoZdlEjZT27Hy34fuk9gGPEMQKOYWVtXIlGqDjrIiAuwu6gG72tXEPsStN0jb5jPOxosXThyi9kwZneXbIXgKsquDKLFHS1aOZ63h6mzA1mHLsIW071f9dmqKetAwOdJEDl782S5MLTuHJgRrRISQWtQmDI2i3CNuF3ReHPsc2YoRJZ73PvsUhD01gPFzJCnjVqtDGa_RvIzVC-zwpb4UTJOhbmXlh0uRmJF8ti90dKvhjxHh_CTlraX-b92ILqRUJ-oNZSs3FeuJ24VilZ-mlLeXIDmYpXY3xPNSKEZB-48t2Ut1jLWGr6rw9fEiuxb9gu8GEkr9BYE72bldIWYmlTWWW3voIts4wvMj0dTMpo8GOqUvWxECusOGLwZ7TH6suIghNOkSTTW7shtJMy76_WcoQazi9GCH_00Lis0VnMUqlm7uVsrWXrXiD2ds7YZsZj1Zoj8zO5vSNDZT_LK71n6IPdAEaFIAbRYP6LdcjvTiA1cOKPJoUMknxmgwha69XqahHr6Nvm_HB5RoyXM38SpWZJDDCln_WeZyak0_4s0JhgOXhoDsYtr_WAAun9prHTZZGYzwIoBmBzDB52neil6xCMRKcKIZag7-joB40KqH3-XdOpR-u4MqD9h-VhbKCe2PPamnacVAgzJpEPx6eqc06reSQGgEFTMI42blqjABk_aAaGzQc7TFJNQnJJLcATCb9MfHAEnr2Dd6sKNdkqlcIvj1ZVfD7a2nM43VjtjICgsZQ4_RPHk0rsWtUrD0l_II-JIZOVSe4yWMJmeyx5jYa2BIkBvNjVsVmhJGCw_ALDpjc87uWqmJRPth9vxDlDqWKNgNR9dEBoPUTOm7KbSAp-0plPedS2eX6CoW46q5P_6bZtYrT6ci0aGQaypQ88PebcVPa8LpvnAxh6RJPjiyi5td0lTOk82OzXqiEDdRnRvhHyVf-7GeI5g_XmmwsjdXCFdXDpH6Ols3kQ2ZQOsvN6x2Qb1ym2UnuzyndgnEzxzKp8pSUSMYCG-10w4cTxfzJkCdQmeqORfd2TD3tKCbwONDGVD9jViFDBtuxbgDQ1CyFO8-YTn2aQ_0e63gsDlRDwHNKRQChEBamJPTRygrdA8eTLPGmUWK2mgaTuz5_lySPs-P18wRX6-pIh0ooPbtFzAVQKjoATWznms4v5oIes4-4SdbbmBH9ZZJ-8wCTZ21xhUm1MfAoeuX0GeejSEgXCgF4Z8NV1ZogOG8QxjwhKqOEqN7RF9KMjlZUUmfO-6kerWQXjc2WqutokBHz3pzxM8-7Dam8RU6vMw6pJnzmOLQqbiQ5kNCYBVLEXhPzOztP-HydcNamvPF4kM6BZgoCMQ_jIvc6RF8qarsmX_NRH0EfEudzqL19uMIx8DES-kY2kraeQ0VqSh4g_qeCQr2ajDgBG2jGP3Ez6Y13Hztaq1KJKLAWwXJHvBnirDMa9YduDAbSpiqDIbaIxtLTKa2g3TnYGlEkDwnteU-JUslfxHCg6bFgT3ZEVWVjajTAu09tsWI8zNLKd7opYCWtyCnbAy7eZzHaVDlBgftmGDjRi05zpGqYQnb7iEIkEBZXCX1xua55Qm_S-LW11hh1lPNpv6MgkdTWwNkt8Qb7GURo4651gl1eYE1AIqxo-XmeHPCbEio-w15l5tR9D6Y-70CVdcVA4zfdHHXgVkdSUjvlG-9ubd2FnnA0SGvUcMt6Oq0Tyy9BO0d3EDxwWmYrAp62bwCnK2tP0hfSn6qolpuchYy2UBMHex6IsKiPh05AaYOL3GI1dl_NtYF8jz2lMPHHnDW0ABIy8PcOv-OpMKCUmUaGnHaKOxR7F_52hu7EeCpkDRA2V6_wdhqE-TvOsCZrgeoymeAeAXKro_Z9cx2WGbESAi2mI4CDmFbeH9IU6KbyQcf8vNU_3_p9do8CGx4aO6ny0pAfOJR8f5xkELkqJSnu2q87Q19jY8B0EWwrJhMrYQHLVJImU6hBg&cid=CAASEuRoau1IsrAIdrlowCbTMsoeDg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89bdbc062078c991e5d8778f400f3e3ef7124270dc68fca0d860554f7949ee46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 27B8
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6EB3
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNVbwEGQ3oV4hALj1drJGOsxavVrWtN9NpHldABLTf5WY0nIY0K2tzqaalHb-tSTXW3VoK6xiRb2dRt5w83KaG9auER3Ow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F442
80 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1PQ0VXcoLUSlG9wMqk_kGPWJggeUfAUPCMThv46fecW8o9nZC4-SVDbXMmWHOCnnE-9ejAJeEF-BmtxuAjDcECh2zAQ&cry=1&dbm_d=AKAmf-A76jQgEFUfdFrAr8rKvVi-pDCCkplJ6hpptKQGE1hwzKFShFv0yTCs2rymOyl7Qf-yhpcQ5S_GnWu5gY1iURY6xmVMXrcsz6_q3Ox0wOkeuuwe6IYq1G0StQhnkihWJJSYDoxC99Mu8du3rMWMujDdd1RVruQt_kgPybbqkqmPArUz8X3N5MvjOF6Cfnn5nNnX1LHDq-0TdLR-F4W5NjXKI6qsTuKvfmSDCirSrgx1XWFYrMg6_ykNEexBP58F7lykI50vYy5E6EeV3Nwsrwl529Xd-DD3yW6XKE_hq2eac9_NeptXL0dwqn9bSOioAbVUn2CFaFHs-Ew0_cAJwjIpiIRK1omPWCg1QyAFEVHr9lEWQhXmu0jdddcydN1Nmv9A4QTrqjixF0LvaPpqVE1og9oEDIhK7qNWl2ytOcVsisj_hz3mtV7e-zPx64XPMGeQWEv-M1cgf-a2c4SHvC90S3C_Iwi1jcCZ9I69aShIYgR_NUCixhv6ut8XZLeUEzVqlDO46YxILgJFr1MzifIKgV_iZP_TdwrwG6SfjJeBjLO5uZnJzoNXf7655EKfFDWr8tEoazYcf8X_qOtLv2LoPtsea3lvj42316Se64baP_MgC3nfUTauNeS1UopcFs1ULCQadzMmx6vhNbhUK2AP2FM6l9PU-kJdXmsfnmo5Ifnsn8Itzd2BQCCXBlQAkey80s3fFgnWyHBEyPKf2TV7FQpmKbthq1LmSt7Nz9pYAUDDvmdGEWS1jWpAwBxPB10g3OuExugDZSNDDIGrrneArj9NDy8KszZXskvtkIJN5Ih37wWtokXvKMMMWSWFFnVao9aRg-DreEVMlVurSo7pjZYWfjM-kuoZOuL7lhuUM8cPeySNBi09lqDsONOP5qSXTs91D2hI3I7U1Bwzu-Q_3qOicQYrxGOJ1EXpOg5F4i9c16WAwn0Rl46wEac6P061ms_ntFRvqvn43z2VfTSMlKDA8Tlj7zqV8rOtz9bG-bglSG9diMEqpNTOWi6pRgaJqOtam8TglUWlfjqFI4Zs97m21nHxSB08YlunY9kO0VM0yGwvPRmS_yqeCYZVSpysWUVbmI4yNz3VMo6FjuUTRmOUgJIsHpr3VXFdIj_rGso0yMAA8k3gxVa_xM_KEnbOht60JvWcV58Qr_y-W9aywFoB9HW3KNmgnQqJx2R5KsAbRw0IXqMlcbi_KafHG40NHdzqg32sLpvXoNeDWhBG6UN2aSUQWaZlEtRW7mElj39liP_Cvt-dYMhq9CUkUai__p2_PyCT3acBkW38gVbe8gfiFiV8Hj-pIc_s-HaXQhrUgzgJvmZ_J2TJ9VKum1fzMy-t7Qb3YS7AjcNEIm48Dg4OFvZdYez6dOeugXzBHikavTVuMkre3DVQ2fnftPf9HqnKLm3Zh4p1r71Z5G3Qxyf_89IZpOI6TdwiJgpB8gZ4ua6X0x479oRMZSlIjr0PzbM-1pbLHH25ELztlJjwhRYtjSBgnnXz5BbLme7H1MsIpNhRH-h_o7rYaKkHFzabgZLLLZiLuJ_04jTGKUQd6mNYREKAxJpnd8coxIf-W7HSgDjpCTyEwJMJqpOoSI4Sqvdht_0lITYJJ7yCfu74-J1ogIJEHToYXb3ORlX4oqBB5nhzF1HRr5YNHhFLpywO5G72nUhkWUeuMQYsg2B4IUGMoyzKfZnHVNMoBNU1QYDZuG3gYDInke65duuCA0XKgyV1kj4cfcmMEF2YfniMW9-OppjYN3zLYFf5o0bCsDIjopT_bI9d7oKDK-dIQf_EOZCdZyyzGahXvdYeiw_RcxvIDVkpICUV3TZj9HjwuVTU7wZZgk-Mi3_xLpRndWjUFZL9II1gP7IJ8tFhb4UDGkiKPVrd0ze4Hy9UtgrsYWHI3tC6uqrS1-AI51414tcDm24KcYTBvpkp_fo75KOKI64s9TJaUUOu0-zrXf1oM47IoF7zanhQH6Zl9kBqKQRKn3CL0omieoK5B4F_jvwaD-fvGMCNfZ_7LdilgEM31T5BFrEn9m8blZTClYnXD7h8mW10n3gi1Bap4S7qnJsaOzytwjHK-CTCBgSULN6WSyArCtTo6TxAMituojhfl4M9_kGE7ZBY-Ta8g9TklUbrLu_CBe-bSVM4pcMgjucq0O56wlwF2dUs6UOS7MUUSxloXZ3hg-iUXH0Oxak9XVBG3-TT5WW0qUMPKAp_P52RfouJT_wzwd3y3Tpy0NRwS7jSpz8iDYxIm8AVNWglShmmu8QY80vqlmAyop7VdzrMWEZmrO1Hfyx-wYCJhLlWMDqTRnzWl9yclVzj5HTZ4Ue-FNjEvDLXD1a5A-YDImnB0Bvgk6O5RZbkT71IPKS2uN1g1jmyBT7q-Gq94PegPeBx_BaWAHrgY-U33E8IjSPSJIAUM93dytyzyng0pS2QqJ509WviDYeeKCoEjlWSNNorjkdMiR4TsDfUitWojP-Zv86KVA9IhK2q1foFqfEBus-AuNtb-7RsxQak6zASzihrJ1KcnlWi9zLOk4LWGp1hy7wWqggGFpL1YTBKeGzM_VKuRRav69x61-g5zlFdhK_B4c3ZK9aY1_vaLx1RskWhUGbxx9HvQ4lrAMrllWGzfeKyya3CKM2OvMHEkDSFAe6e0SnPItCXD2DljXdmJovut5tIBfrfbAZkn5os75RJV3n7A5zRFcZ9Fb3zEuBw8bLEkPUZTUjVJYsS5z9x2Lli14YaxyrDTkv-9rBKPQkWjklSuqdaG45zp7ZkAQcg2qKgitaOjbB66X9_eUajGB9U-neeMAqrhW7_2vIbj3A9mwB9sP6HWcZWnPB72_V9Q5A14TRF3vR3ObskEaN0-NfiN_wXz_C9r0gQNpDncrF59Q_ty8d_FoRiskWCWw9GWBC30fj6Yms-Gh9j0jIkRxduCzwv7Oy-qu5bE1uxf5hJE_pxGE4vNSscJSbptOMIHnEBFNwSiWVKa05yIwgcJXxj24zmk4thpL7UMTj3g_yRku4EeBEtMmPo8O_kTcIkBntDQyM9K7rH_JoNtN_QbAR5-C6-md2p5feGkbaEJBFmuTtOgpF10ChM2_GobZYTbYv-335afMQgEa3HFguRsdJ29gTGwqr048i70gNb34TVP_5vN1azuPt2Wvj5uv6cZKt6RtxPuRAkAjwqh7iK4vew4XTshtcWKLDIR5BIX4bsVPngdffyc-r-FAQpK0oSaSD_P_f7JH1ciCbbTkcVFij5Nsar-r8oXGGR5H5V0WFD3aFj-4u9AcnkKwD-QkqpXMPeWpzEYZmU5qAE1jhJuXedhJIJwpDk4PMMxObw1sWNOWUlfuCD&cid=CAASEuRoDSBBABlSOfLlCltlAVu2fg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a777f159e928681060a1bbf68cec35a088786e5f01c5cb359305e1fa7e540920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34209
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A409
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2936807560043403&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 2032
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=2200721137496599&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 1643
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 84B6
170 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:19:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:19:18 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 84B6
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI4JaHfrKz3vlzU6T6Raks9BQPmwgo7VajwagBYtido0GCVrFKgKk4aWsGuxdggVBjT2MzjJ9ZJGd-qSwXXJzdqCoPXDK4eI5_BP6MEUXATov2Vs21pUXxR4wkQV6cuwXe0nxkDXDDt5m9EEBeXGZkluaSkmnOWmKCc76ruhe59TWh8NI&dbm_d=AKAmf-Bd4-kaaEEbLHhZCszYtL6E06QexuK-8Gp4P2vVDy7nMEHzT9uxzBjhCKuOxOOf8wbvdWStpxKagZPMuiE8wfD0G1w48COUzfEzCzCMiQAJ5l9-8jQwVDarS1GL8KA-jXKzMPvMcgtkNqK9A40Bh-n6rwYC4x7DQYzFsgRUaQ1xa2DDmj8nNi5IQWVad8WElt_ZlSoF1Sb9Q7OjaTgjUqI_QkqphiXi9sQiNCfE6poIRRSTBq2LG2L_Irxm8jnzPyRDrzvQOEwun766ELOAR-s8sONctOYOzEOT3MruEr-M8CzrbKeGhyXapH2p9byizSe3_QrgVp3QEdw6tyseR76jmLlnhM9GctmwcgdgZYJLo2nTRpRwZOspPXLvT4RHIdOM69VFT3SZNv0jBRMlYgcus-kMPxr6agpeSqlatvSZwSHDqFJfpeWY0CzsTvXzkS1l-dx_QhPwRboVS6BUa_kuc7bjg935E59gpQ_f3hCfjrsAKxDbvayDZJ92wti2dIYzJLxae6lygyiV8S_1pMEzgJDyX3pLzi60vGtzeg-9z-Ay0WBDuW1N0WRI7DRbxevRDdIwPFLMS5l6eIztH_wmc4Tkt5xOsAebishPVu2t0_Jj_ygZZkZkB7_g5TQBBwSv7_6sM6A1wf-gBOanRYyWf_64QHO9Xk82-MS274uX6ifxLmDRQkWd-Fg8N6Mu1rfZQIYtOF9yNprsyqZc5LUpod6NZNKZAKi7Z9_shRBXcQwP6nCp3sub8nooxSCiGBhI7J7R9Nh48BxOh2nyq3fQVbcp0BD6hD4tATbtbjqT7XmoQIse2cr9UHfFkE-3FEpewgLUA9crIYvX1itKr6frQywHnHHWkzcFwugACFFN_n123BE1xcamzF70iJR5hMnDGSBbPiWIz-5gwZnATf6NsDxzRgGznGSytFcfAvDrNl3yLYafiyVp7_cLeZH4LDlQWZFcs3P0jrG3hgr2HlhG2D2_bFDX8bHGyHIIj4EdZ6NnFT9IOTj8s9DnW5i8iHilBLePDwwTCFuY5exEKBDVKxjMVa2FlXGUTKnT9TDhHtGC0_YZ37mPfIxgsfGh_1Gx3h6wId4WSc4VHA3nHUlPupKACfgv4lOtQke4namvRo16ICX9wXBAskOJj9pH-whsjPpyape6Ie5O0DGm_Jou5LI--mfQ7Md2MdHR4pq-7R01DwDU8ePYq3cO89F4UPzUBhCPHg21njH17pYE4NU1P8y0he9pUyv7RuUWNP59v89PG968FbaULy65vQ1F5w7Madc_BcaQ_DIvLMswa2hDq3GjabeoiadspPLGy-jF3qBvarIrfM_pMNdGIrC3-1Ht7dvhOPpyA3G_g6to7MMWxCoHzrJn2HgszATAkhaemN2oofPN1LlTI4EZo32q5aQRUduWcm_ueiu4kLjDyf6M03KIMZf8dLrx73rafp8T6us4-i_Ymp3HZY7EsbaUG9pcqoMWPIlZ5Lud2IyvErQFEAPeHXe5NAQh3p4Dv7YUf0AUFf4J5GIl7hgPnAdspioofDCvgsZVavFmBIjrvtQnHCavTFb-6fElGdhcC3uKdxoFwrx6CrhKvj7MPt7zDWi6JbxdUlnNnTVPxoAKX8rOkZRLbZCAYn7sVaISfN0KoTFzFovm0TYd7tfFWAvS7QA9Ap0H7Y-BU9nVjjxMbyzzjuAZWjeh9X54qYzm38bHz76SrCSXppyuiB4Hhf1M25MxaZqGx1Ao1mKoBZyAEL000iMfnZroI0nieQCZK79u7blGtcUVEj-mDP6e2OANDD5aUC211IvHDR2ilqCsf8USqKHWlJ4ox4xTYaW13ZbBWDk-tuP-jXUazEiTME1pJGqiDLfoo7SlAClDR4mohvTWwtrP5opePURFDb-9Nm6hKnYU_n76q4VC5TAD9Flg3s7GEebvJzzYxIvtjIK3Vo9G_tkPQAA40Zk84tq_KPg9SZDnuU0mwci27J5j5xHnEOwZr9xKLIjRVYtUsq2JThLK8ezophiEYnv8bcJsgTJKEVUoMKR1NJC5a0xy6B1uY3Jckg5Z2Qvsk-DnJ2asXYFyCFouhAvQJW3DJd30w65LYodNK_AIi3l9zV-2Cj_1gPTZ7uFazJyhuAyutlObNG0USgzJlwis9YWFOXJDrSuoBJthLBKuS276pN_81HfMV6GqFqHJqag1fHggtmabUG6G2IB0lk3dczEmw4aXor0lhUXE4HF_8NKq9dCF2jvVvFGjjTMNAmLT0BLO3KBXPSRCUXF_Ftyv22E6NEA0Yg2HeE7tyEgwEhYmQ4Xp8amB2hytoAAT4qWegjHDYtpb0NO-Zs18K-myvRc-7UMYeQLR_AZMxwV1BRCisZNqdtjw97y4m0hQ0Cup6qYcjK35ANOqhETnUDNLq6QWrwq0qw9ao_6zWnmsMbztRnvzelBqDQ5c2u0a8NL5jn_2CtPIpzzs5DQ01XrfF3AU5ON3ekNbFLk7QlHxykkpmZ1WYv1qlDJ5gS4CEguv6XAzBcVfll6VAWg8EnwRVzKrgkBQpalVwX164nrfzkPQHMwvaXoOtNL2IE7Kzi4VfWp_V34v_iLfrb_5dom2sLAf5iRfT0L7BU_NPZGzlSvCRYDM1yJAGUA1Q8rytPwXLYYt11EGPXP7jFvKN4hsmxnYYcyghTBEAy_Ic8zvyLS-3M6PoWA4k8njNZCuy9vOCfquL26EhlVvcka7qeBLWzdevLZ7s4I7KAj2D6Olm1g2HNOBClWFpLnPsUk3wJn6z88uUtWtKT8NHNYDRuPlobIDhq4_TS97naLfXjt0JCWui2t9Ae1Zk_XghNIhYV2ew8NHl-PLtiq9N4sVez0OZeriGKnw-P69J6mVsa9i_0oTnjbLN7S21y1lZNxUhawcAG5Zvmy7c1MEVO1Iv_DRANNc8fdFYKOlZbZQxZiyxNAqkTmXGyHoVRjPqbwnHuy_wBY5omFVwneTE4DfzTSbQQ582mZRl3vbh8zga5Pn_GDcse5X8Wm0lzGW8NYrp8MpW8NTduPUj1uKjFIFZVugUUKea1SB_njjfIK-8mfVyuCClGpXRWi7uVTgDxj3AfUdmSwDUvWBq1pNqq26BVFTwqjLb1mS5KgI_0ETrSu-haWAXzAAOO5YrPJzYLYZdk3bfNFoKEuoRfWc38A7JKtbbrV22EBzpGw4IuW6A8VTskcd4_rDZueRyy8uPgF81aXSWCsOrhs2mFQV_-SBj0YiMT6JsyFSTfKtma7FPoI&cid=CAASEuRoKlAZCmU6yRR3t-M-TCSWjA&dv3_ver=m202207220101&rfl=http%3A%2F%2Fzdorovia.com.ua&ds=l&xdt=0&iif=1&cor=10072556989674424000&idt=103&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:29:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 84B6
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BI4JaHfrKz3vlzU6T6Raks9BQPmwgo7VajwagBYtido0GCVrFKgKk4aWsGuxdggVBjT2MzjJ9ZJGd-qSwXXJzdqCoPXDK4eI5_BP6MEUXATov2Vs21pUXxR4wkQV6cuwXe0nxkDXDDt5m9EEBeXGZkluaSkmnOWmKCc76ruhe59TWh8NI&dbm_d=AKAmf-Bd4-kaaEEbLHhZCszYtL6E06QexuK-8Gp4P2vVDy7nMEHzT9uxzBjhCKuOxOOf8wbvdWStpxKagZPMuiE8wfD0G1w48COUzfEzCzCMiQAJ5l9-8jQwVDarS1GL8KA-jXKzMPvMcgtkNqK9A40Bh-n6rwYC4x7DQYzFsgRUaQ1xa2DDmj8nNi5IQWVad8WElt_ZlSoF1Sb9Q7OjaTgjUqI_QkqphiXi9sQiNCfE6poIRRSTBq2LG2L_Irxm8jnzPyRDrzvQOEwun766ELOAR-s8sONctOYOzEOT3MruEr-M8CzrbKeGhyXapH2p9byizSe3_QrgVp3QEdw6tyseR76jmLlnhM9GctmwcgdgZYJLo2nTRpRwZOspPXLvT4RHIdOM69VFT3SZNv0jBRMlYgcus-kMPxr6agpeSqlatvSZwSHDqFJfpeWY0CzsTvXzkS1l-dx_QhPwRboVS6BUa_kuc7bjg935E59gpQ_f3hCfjrsAKxDbvayDZJ92wti2dIYzJLxae6lygyiV8S_1pMEzgJDyX3pLzi60vGtzeg-9z-Ay0WBDuW1N0WRI7DRbxevRDdIwPFLMS5l6eIztH_wmc4Tkt5xOsAebishPVu2t0_Jj_ygZZkZkB7_g5TQBBwSv7_6sM6A1wf-gBOanRYyWf_64QHO9Xk82-MS274uX6ifxLmDRQkWd-Fg8N6Mu1rfZQIYtOF9yNprsyqZc5LUpod6NZNKZAKi7Z9_shRBXcQwP6nCp3sub8nooxSCiGBhI7J7R9Nh48BxOh2nyq3fQVbcp0BD6hD4tATbtbjqT7XmoQIse2cr9UHfFkE-3FEpewgLUA9crIYvX1itKr6frQywHnHHWkzcFwugACFFN_n123BE1xcamzF70iJR5hMnDGSBbPiWIz-5gwZnATf6NsDxzRgGznGSytFcfAvDrNl3yLYafiyVp7_cLeZH4LDlQWZFcs3P0jrG3hgr2HlhG2D2_bFDX8bHGyHIIj4EdZ6NnFT9IOTj8s9DnW5i8iHilBLePDwwTCFuY5exEKBDVKxjMVa2FlXGUTKnT9TDhHtGC0_YZ37mPfIxgsfGh_1Gx3h6wId4WSc4VHA3nHUlPupKACfgv4lOtQke4namvRo16ICX9wXBAskOJj9pH-whsjPpyape6Ie5O0DGm_Jou5LI--mfQ7Md2MdHR4pq-7R01DwDU8ePYq3cO89F4UPzUBhCPHg21njH17pYE4NU1P8y0he9pUyv7RuUWNP59v89PG968FbaULy65vQ1F5w7Madc_BcaQ_DIvLMswa2hDq3GjabeoiadspPLGy-jF3qBvarIrfM_pMNdGIrC3-1Ht7dvhOPpyA3G_g6to7MMWxCoHzrJn2HgszATAkhaemN2oofPN1LlTI4EZo32q5aQRUduWcm_ueiu4kLjDyf6M03KIMZf8dLrx73rafp8T6us4-i_Ymp3HZY7EsbaUG9pcqoMWPIlZ5Lud2IyvErQFEAPeHXe5NAQh3p4Dv7YUf0AUFf4J5GIl7hgPnAdspioofDCvgsZVavFmBIjrvtQnHCavTFb-6fElGdhcC3uKdxoFwrx6CrhKvj7MPt7zDWi6JbxdUlnNnTVPxoAKX8rOkZRLbZCAYn7sVaISfN0KoTFzFovm0TYd7tfFWAvS7QA9Ap0H7Y-BU9nVjjxMbyzzjuAZWjeh9X54qYzm38bHz76SrCSXppyuiB4Hhf1M25MxaZqGx1Ao1mKoBZyAEL000iMfnZroI0nieQCZK79u7blGtcUVEj-mDP6e2OANDD5aUC211IvHDR2ilqCsf8USqKHWlJ4ox4xTYaW13ZbBWDk-tuP-jXUazEiTME1pJGqiDLfoo7SlAClDR4mohvTWwtrP5opePURFDb-9Nm6hKnYU_n76q4VC5TAD9Flg3s7GEebvJzzYxIvtjIK3Vo9G_tkPQAA40Zk84tq_KPg9SZDnuU0mwci27J5j5xHnEOwZr9xKLIjRVYtUsq2JThLK8ezophiEYnv8bcJsgTJKEVUoMKR1NJC5a0xy6B1uY3Jckg5Z2Qvsk-DnJ2asXYFyCFouhAvQJW3DJd30w65LYodNK_AIi3l9zV-2Cj_1gPTZ7uFazJyhuAyutlObNG0USgzJlwis9YWFOXJDrSuoBJthLBKuS276pN_81HfMV6GqFqHJqag1fHggtmabUG6G2IB0lk3dczEmw4aXor0lhUXE4HF_8NKq9dCF2jvVvFGjjTMNAmLT0BLO3KBXPSRCUXF_Ftyv22E6NEA0Yg2HeE7tyEgwEhYmQ4Xp8amB2hytoAAT4qWegjHDYtpb0NO-Zs18K-myvRc-7UMYeQLR_AZMxwV1BRCisZNqdtjw97y4m0hQ0Cup6qYcjK35ANOqhETnUDNLq6QWrwq0qw9ao_6zWnmsMbztRnvzelBqDQ5c2u0a8NL5jn_2CtPIpzzs5DQ01XrfF3AU5ON3ekNbFLk7QlHxykkpmZ1WYv1qlDJ5gS4CEguv6XAzBcVfll6VAWg8EnwRVzKrgkBQpalVwX164nrfzkPQHMwvaXoOtNL2IE7Kzi4VfWp_V34v_iLfrb_5dom2sLAf5iRfT0L7BU_NPZGzlSvCRYDM1yJAGUA1Q8rytPwXLYYt11EGPXP7jFvKN4hsmxnYYcyghTBEAy_Ic8zvyLS-3M6PoWA4k8njNZCuy9vOCfquL26EhlVvcka7qeBLWzdevLZ7s4I7KAj2D6Olm1g2HNOBClWFpLnPsUk3wJn6z88uUtWtKT8NHNYDRuPlobIDhq4_TS97naLfXjt0JCWui2t9Ae1Zk_XghNIhYV2ew8NHl-PLtiq9N4sVez0OZeriGKnw-P69J6mVsa9i_0oTnjbLN7S21y1lZNxUhawcAG5Zvmy7c1MEVO1Iv_DRANNc8fdFYKOlZbZQxZiyxNAqkTmXGyHoVRjPqbwnHuy_wBY5omFVwneTE4DfzTSbQQ582mZRl3vbh8zga5Pn_GDcse5X8Wm0lzGW8NYrp8MpW8NTduPUj1uKjFIFZVugUUKea1SB_njjfIK-8mfVyuCClGpXRWi7uVTgDxj3AfUdmSwDUvWBq1pNqq26BVFTwqjLb1mS5KgI_0ETrSu-haWAXzAAOO5YrPJzYLYZdk3bfNFoKEuoRfWc38A7JKtbbrV22EBzpGw4IuW6A8VTskcd4_rDZueRyy8uPgF81aXSWCsOrhs2mFQV_-SBj0YiMT6JsyFSTfKtma7FPoI&cid=CAASEuRoKlAZCmU6yRR3t-M-TCSWjA&dv3_ver=m202207220101&rfl=http%3A%2F%2Fzdorovia.com.ua&ds=l&xdt=0&iif=1&cor=10072556989674424000&idt=103&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:51:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9D20
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 778B
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
48433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:31:44 GMT
etag
48472445140208031
expires
Fri, 16 Sep 2022 15:31:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9D20
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50615a8a76e29fa2da457b38203751587adbce47b909f627464992921d554439

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame A8B7
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A8B7
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ABEC
603 B
65 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=250&slotname=zdorovia.com.ua_970x250&adk=2065851769&adf=4155820291&pi=t.ma~as.zdorovia.com.ua_970_&w=970&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304337241&bpp=13&bdt=141&idt=251&shv=r20220914&mjsv=m202209080101&ptt=5&saldr=sa&correlator=1832594280039&frm=8&ife=1&pv=2&ga_vid=1495455549.1663304337&ga_sid=1663304337&ga_hid=1570198590&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2357944085&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44770881%2C31067825%2C31062931&oid=2&pvsid=1509434242826946&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.s5sqx25yg99l&fsb=1&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 84B6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 445F
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
48433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 15:31:44 GMT
etag
48472445140208031
expires
Fri, 16 Sep 2022 15:31:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 84B6
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6654488286bdf8dacb9b7e890fe75d6e10c158892baf8494d0cbae218088828

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C418
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame C418
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKZHTcilbGU95rxS6yUu_XHMrXOcAOn8PnVOsVJvRmjZz4W_49K-WaHLJOfkBUGKy4iW19ZM_s-L2V-_08ldC-HsyLNQ&cry=1&dbm_d=AKAmf-Bb5pQiZKtkf97T9Ls5ydUZD77ExlJ9iLYNyjook_uY2Smw_Nn8HbXlwxG86Gom1Iv9sd5OCXpncBgPJgXJ0wWu9rzIhHNNPJ2aUJf6jt0szE0ISQQnpKD-NiWVDnRw_Zt3rY7kZoOB889NNRPR8bCWuOduTGJYMrWXvyuqAfccJWqSdv9tbq7IA9_7fmPnl2tBukBprMLNhTR74efqovmYz3q-u6yhJ96_Mrd1kTz_HZEnhMlWqKaZQn8BuNHSleOPEo0HBlvLPrqWvMvNE7oda_QE43zhTk2oP-7dgXEDfV3mHULjquyvMEjXrOguIQEn6VdyJbnHlJSEZKDRI-2KH_ccBTS7j2hxxFASoPYX-bWctteRn6jLiQTrPZsqkGNd2Ei4Ar0GzCPZjSzcADMASI5PcjV5RyVuTJ4IJamN7pOOK-pc7-leueRdjrb5cJsZ11YC2A2HGUVW4BCe9GmAFLwEDlsLXXJbDqlO9LMun2pUKU6_KqQfbhJG3kSO8xIabDlXKp2tSh-kJSwpqg2VbZArHXEQ2P_8thr9DBLHBSU2QwQZ73u-lsxBkxOrj8UldSSZsi1oZgZA2oonGyskV86PBUNpInXd9YCSSsN_v3mgXy6Er5y6j1Hn7a1-AZ3feMwWzjM5Ma_hO-FXuyKSMBOQnrXamCKRPJbxAPDrYkL6eKBsU_6kmQCXxN84RoOQa_a2qHJZcGBL0s_-n2_MLeTsIf6ENYvYZrMCr6PDsR2RhVQVOXSXulOwJrESsD5gP9U2SSzkIQ11uxmSpm5gSxkbkp1vu-p2vFw5L1OHLUXcXCVt9gH6KEGiI-5V22T_T-Pvd1Ew732YvcYSOmxVKwKa-ehp1M0BNItgXYm4f8MMceTf-2wEOBpZ1m4NdEg7Re0q9cptn1lVVF9FdccpA1GSmBkUbo-iBfIrUzioyZWWY0TMIb8HWJgL2l0_5I_gU-Skl4dape1n4nXPEGlKmJuaUJvBQ2Obl2ltrRMjxDZ1b8WiSR3cVOU4QQKTTmERxDGicBiWeH7l-ZvwLVk7soc5OPYJJhcpGyfTp1HJE73G3oipOYLse3ns2j-pc2gVhdAdD7ezAJ3TT_vyOAwrsWCYfnnRiJaO3plwO3iNujyKJ_JhAWkOsvaT1hC6Usz_FhDWb-dELXEfG8H1DvgH82OtRdu7TaVN8gfjF0Odp6x3IkW5ieTtB6kXaY62yHYOVenM-2SBog3PdSqMduCRJKgzqf8_U9N6_yBeGz9aZbZKeFltNyRocUbdX8-k4sTvtye4zlwTJLtLRSu3DxqJtWus1ODumleaRwVXOLLMoMwp8M1eitHzrFFDG8tyZgRxcgjF7aoZdlEjZT27Hy34fuk9gGPEMQKOYWVtXIlGqDjrIiAuwu6gG72tXEPsStN0jb5jPOxosXThyi9kwZneXbIXgKsquDKLFHS1aOZ63h6mzA1mHLsIW071f9dmqKetAwOdJEDl782S5MLTuHJgRrRISQWtQmDI2i3CNuF3ReHPsc2YoRJZ73PvsUhD01gPFzJCnjVqtDGa_RvIzVC-zwpb4UTJOhbmXlh0uRmJF8ti90dKvhjxHh_CTlraX-b92ILqRUJ-oNZSs3FeuJ24VilZ-mlLeXIDmYpXY3xPNSKEZB-48t2Ut1jLWGr6rw9fEiuxb9gu8GEkr9BYE72bldIWYmlTWWW3voIts4wvMj0dTMpo8GOqUvWxECusOGLwZ7TH6suIghNOkSTTW7shtJMy76_WcoQazi9GCH_00Lis0VnMUqlm7uVsrWXrXiD2ds7YZsZj1Zoj8zO5vSNDZT_LK71n6IPdAEaFIAbRYP6LdcjvTiA1cOKPJoUMknxmgwha69XqahHr6Nvm_HB5RoyXM38SpWZJDDCln_WeZyak0_4s0JhgOXhoDsYtr_WAAun9prHTZZGYzwIoBmBzDB52neil6xCMRKcKIZag7-joB40KqH3-XdOpR-u4MqD9h-VhbKCe2PPamnacVAgzJpEPx6eqc06reSQGgEFTMI42blqjABk_aAaGzQc7TFJNQnJJLcATCb9MfHAEnr2Dd6sKNdkqlcIvj1ZVfD7a2nM43VjtjICgsZQ4_RPHk0rsWtUrD0l_II-JIZOVSe4yWMJmeyx5jYa2BIkBvNjVsVmhJGCw_ALDpjc87uWqmJRPth9vxDlDqWKNgNR9dEBoPUTOm7KbSAp-0plPedS2eX6CoW46q5P_6bZtYrT6ci0aGQaypQ88PebcVPa8LpvnAxh6RJPjiyi5td0lTOk82OzXqiEDdRnRvhHyVf-7GeI5g_XmmwsjdXCFdXDpH6Ols3kQ2ZQOsvN6x2Qb1ym2UnuzyndgnEzxzKp8pSUSMYCG-10w4cTxfzJkCdQmeqORfd2TD3tKCbwONDGVD9jViFDBtuxbgDQ1CyFO8-YTn2aQ_0e63gsDlRDwHNKRQChEBamJPTRygrdA8eTLPGmUWK2mgaTuz5_lySPs-P18wRX6-pIh0ooPbtFzAVQKjoATWznms4v5oIes4-4SdbbmBH9ZZJ-8wCTZ21xhUm1MfAoeuX0GeejSEgXCgF4Z8NV1ZogOG8QxjwhKqOEqN7RF9KMjlZUUmfO-6kerWQXjc2WqutokBHz3pzxM8-7Dam8RU6vMw6pJnzmOLQqbiQ5kNCYBVLEXhPzOztP-HydcNamvPF4kM6BZgoCMQ_jIvc6RF8qarsmX_NRH0EfEudzqL19uMIx8DES-kY2kraeQ0VqSh4g_qeCQr2ajDgBG2jGP3Ez6Y13Hztaq1KJKLAWwXJHvBnirDMa9YduDAbSpiqDIbaIxtLTKa2g3TnYGlEkDwnteU-JUslfxHCg6bFgT3ZEVWVjajTAu09tsWI8zNLKd7opYCWtyCnbAy7eZzHaVDlBgftmGDjRi05zpGqYQnb7iEIkEBZXCX1xua55Qm_S-LW11hh1lPNpv6MgkdTWwNkt8Qb7GURo4651gl1eYE1AIqxo-XmeHPCbEio-w15l5tR9D6Y-70CVdcVA4zfdHHXgVkdSUjvlG-9ubd2FnnA0SGvUcMt6Oq0Tyy9BO0d3EDxwWmYrAp62bwCnK2tP0hfSn6qolpuchYy2UBMHex6IsKiPh05AaYOL3GI1dl_NtYF8jz2lMPHHnDW0ABIy8PcOv-OpMKCUmUaGnHaKOxR7F_52hu7EeCpkDRA2V6_wdhqE-TvOsCZrgeoymeAeAXKro_Z9cx2WGbESAi2mI4CDmFbeH9IU6KbyQcf8vNU_3_p9do8CGx4aO6ny0pAfOJR8f5xkELkqJSnu2q87Q19jY8B0EWwrJhMrYQHLVJImU6hBg&cid=CAASEuRoau1IsrAIdrlowCbTMsoeDg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:29:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame C418
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKZHTcilbGU95rxS6yUu_XHMrXOcAOn8PnVOsVJvRmjZz4W_49K-WaHLJOfkBUGKy4iW19ZM_s-L2V-_08ldC-HsyLNQ&cry=1&dbm_d=AKAmf-Bb5pQiZKtkf97T9Ls5ydUZD77ExlJ9iLYNyjook_uY2Smw_Nn8HbXlwxG86Gom1Iv9sd5OCXpncBgPJgXJ0wWu9rzIhHNNPJ2aUJf6jt0szE0ISQQnpKD-NiWVDnRw_Zt3rY7kZoOB889NNRPR8bCWuOduTGJYMrWXvyuqAfccJWqSdv9tbq7IA9_7fmPnl2tBukBprMLNhTR74efqovmYz3q-u6yhJ96_Mrd1kTz_HZEnhMlWqKaZQn8BuNHSleOPEo0HBlvLPrqWvMvNE7oda_QE43zhTk2oP-7dgXEDfV3mHULjquyvMEjXrOguIQEn6VdyJbnHlJSEZKDRI-2KH_ccBTS7j2hxxFASoPYX-bWctteRn6jLiQTrPZsqkGNd2Ei4Ar0GzCPZjSzcADMASI5PcjV5RyVuTJ4IJamN7pOOK-pc7-leueRdjrb5cJsZ11YC2A2HGUVW4BCe9GmAFLwEDlsLXXJbDqlO9LMun2pUKU6_KqQfbhJG3kSO8xIabDlXKp2tSh-kJSwpqg2VbZArHXEQ2P_8thr9DBLHBSU2QwQZ73u-lsxBkxOrj8UldSSZsi1oZgZA2oonGyskV86PBUNpInXd9YCSSsN_v3mgXy6Er5y6j1Hn7a1-AZ3feMwWzjM5Ma_hO-FXuyKSMBOQnrXamCKRPJbxAPDrYkL6eKBsU_6kmQCXxN84RoOQa_a2qHJZcGBL0s_-n2_MLeTsIf6ENYvYZrMCr6PDsR2RhVQVOXSXulOwJrESsD5gP9U2SSzkIQ11uxmSpm5gSxkbkp1vu-p2vFw5L1OHLUXcXCVt9gH6KEGiI-5V22T_T-Pvd1Ew732YvcYSOmxVKwKa-ehp1M0BNItgXYm4f8MMceTf-2wEOBpZ1m4NdEg7Re0q9cptn1lVVF9FdccpA1GSmBkUbo-iBfIrUzioyZWWY0TMIb8HWJgL2l0_5I_gU-Skl4dape1n4nXPEGlKmJuaUJvBQ2Obl2ltrRMjxDZ1b8WiSR3cVOU4QQKTTmERxDGicBiWeH7l-ZvwLVk7soc5OPYJJhcpGyfTp1HJE73G3oipOYLse3ns2j-pc2gVhdAdD7ezAJ3TT_vyOAwrsWCYfnnRiJaO3plwO3iNujyKJ_JhAWkOsvaT1hC6Usz_FhDWb-dELXEfG8H1DvgH82OtRdu7TaVN8gfjF0Odp6x3IkW5ieTtB6kXaY62yHYOVenM-2SBog3PdSqMduCRJKgzqf8_U9N6_yBeGz9aZbZKeFltNyRocUbdX8-k4sTvtye4zlwTJLtLRSu3DxqJtWus1ODumleaRwVXOLLMoMwp8M1eitHzrFFDG8tyZgRxcgjF7aoZdlEjZT27Hy34fuk9gGPEMQKOYWVtXIlGqDjrIiAuwu6gG72tXEPsStN0jb5jPOxosXThyi9kwZneXbIXgKsquDKLFHS1aOZ63h6mzA1mHLsIW071f9dmqKetAwOdJEDl782S5MLTuHJgRrRISQWtQmDI2i3CNuF3ReHPsc2YoRJZ73PvsUhD01gPFzJCnjVqtDGa_RvIzVC-zwpb4UTJOhbmXlh0uRmJF8ti90dKvhjxHh_CTlraX-b92ILqRUJ-oNZSs3FeuJ24VilZ-mlLeXIDmYpXY3xPNSKEZB-48t2Ut1jLWGr6rw9fEiuxb9gu8GEkr9BYE72bldIWYmlTWWW3voIts4wvMj0dTMpo8GOqUvWxECusOGLwZ7TH6suIghNOkSTTW7shtJMy76_WcoQazi9GCH_00Lis0VnMUqlm7uVsrWXrXiD2ds7YZsZj1Zoj8zO5vSNDZT_LK71n6IPdAEaFIAbRYP6LdcjvTiA1cOKPJoUMknxmgwha69XqahHr6Nvm_HB5RoyXM38SpWZJDDCln_WeZyak0_4s0JhgOXhoDsYtr_WAAun9prHTZZGYzwIoBmBzDB52neil6xCMRKcKIZag7-joB40KqH3-XdOpR-u4MqD9h-VhbKCe2PPamnacVAgzJpEPx6eqc06reSQGgEFTMI42blqjABk_aAaGzQc7TFJNQnJJLcATCb9MfHAEnr2Dd6sKNdkqlcIvj1ZVfD7a2nM43VjtjICgsZQ4_RPHk0rsWtUrD0l_II-JIZOVSe4yWMJmeyx5jYa2BIkBvNjVsVmhJGCw_ALDpjc87uWqmJRPth9vxDlDqWKNgNR9dEBoPUTOm7KbSAp-0plPedS2eX6CoW46q5P_6bZtYrT6ci0aGQaypQ88PebcVPa8LpvnAxh6RJPjiyi5td0lTOk82OzXqiEDdRnRvhHyVf-7GeI5g_XmmwsjdXCFdXDpH6Ols3kQ2ZQOsvN6x2Qb1ym2UnuzyndgnEzxzKp8pSUSMYCG-10w4cTxfzJkCdQmeqORfd2TD3tKCbwONDGVD9jViFDBtuxbgDQ1CyFO8-YTn2aQ_0e63gsDlRDwHNKRQChEBamJPTRygrdA8eTLPGmUWK2mgaTuz5_lySPs-P18wRX6-pIh0ooPbtFzAVQKjoATWznms4v5oIes4-4SdbbmBH9ZZJ-8wCTZ21xhUm1MfAoeuX0GeejSEgXCgF4Z8NV1ZogOG8QxjwhKqOEqN7RF9KMjlZUUmfO-6kerWQXjc2WqutokBHz3pzxM8-7Dam8RU6vMw6pJnzmOLQqbiQ5kNCYBVLEXhPzOztP-HydcNamvPF4kM6BZgoCMQ_jIvc6RF8qarsmX_NRH0EfEudzqL19uMIx8DES-kY2kraeQ0VqSh4g_qeCQr2ajDgBG2jGP3Ez6Y13Hztaq1KJKLAWwXJHvBnirDMa9YduDAbSpiqDIbaIxtLTKa2g3TnYGlEkDwnteU-JUslfxHCg6bFgT3ZEVWVjajTAu09tsWI8zNLKd7opYCWtyCnbAy7eZzHaVDlBgftmGDjRi05zpGqYQnb7iEIkEBZXCX1xua55Qm_S-LW11hh1lPNpv6MgkdTWwNkt8Qb7GURo4651gl1eYE1AIqxo-XmeHPCbEio-w15l5tR9D6Y-70CVdcVA4zfdHHXgVkdSUjvlG-9ubd2FnnA0SGvUcMt6Oq0Tyy9BO0d3EDxwWmYrAp62bwCnK2tP0hfSn6qolpuchYy2UBMHex6IsKiPh05AaYOL3GI1dl_NtYF8jz2lMPHHnDW0ABIy8PcOv-OpMKCUmUaGnHaKOxR7F_52hu7EeCpkDRA2V6_wdhqE-TvOsCZrgeoymeAeAXKro_Z9cx2WGbESAi2mI4CDmFbeH9IU6KbyQcf8vNU_3_p9do8CGx4aO6ny0pAfOJR8f5xkELkqJSnu2q87Q19jY8B0EWwrJhMrYQHLVJImU6hBg&cid=CAASEuRoau1IsrAIdrlowCbTMsoeDg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:51:51 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3D81
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
249970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F442
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:22:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:22:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame F442
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1PQ0VXcoLUSlG9wMqk_kGPWJggeUfAUPCMThv46fecW8o9nZC4-SVDbXMmWHOCnnE-9ejAJeEF-BmtxuAjDcECh2zAQ&cry=1&dbm_d=AKAmf-A76jQgEFUfdFrAr8rKvVi-pDCCkplJ6hpptKQGE1hwzKFShFv0yTCs2rymOyl7Qf-yhpcQ5S_GnWu5gY1iURY6xmVMXrcsz6_q3Ox0wOkeuuwe6IYq1G0StQhnkihWJJSYDoxC99Mu8du3rMWMujDdd1RVruQt_kgPybbqkqmPArUz8X3N5MvjOF6Cfnn5nNnX1LHDq-0TdLR-F4W5NjXKI6qsTuKvfmSDCirSrgx1XWFYrMg6_ykNEexBP58F7lykI50vYy5E6EeV3Nwsrwl529Xd-DD3yW6XKE_hq2eac9_NeptXL0dwqn9bSOioAbVUn2CFaFHs-Ew0_cAJwjIpiIRK1omPWCg1QyAFEVHr9lEWQhXmu0jdddcydN1Nmv9A4QTrqjixF0LvaPpqVE1og9oEDIhK7qNWl2ytOcVsisj_hz3mtV7e-zPx64XPMGeQWEv-M1cgf-a2c4SHvC90S3C_Iwi1jcCZ9I69aShIYgR_NUCixhv6ut8XZLeUEzVqlDO46YxILgJFr1MzifIKgV_iZP_TdwrwG6SfjJeBjLO5uZnJzoNXf7655EKfFDWr8tEoazYcf8X_qOtLv2LoPtsea3lvj42316Se64baP_MgC3nfUTauNeS1UopcFs1ULCQadzMmx6vhNbhUK2AP2FM6l9PU-kJdXmsfnmo5Ifnsn8Itzd2BQCCXBlQAkey80s3fFgnWyHBEyPKf2TV7FQpmKbthq1LmSt7Nz9pYAUDDvmdGEWS1jWpAwBxPB10g3OuExugDZSNDDIGrrneArj9NDy8KszZXskvtkIJN5Ih37wWtokXvKMMMWSWFFnVao9aRg-DreEVMlVurSo7pjZYWfjM-kuoZOuL7lhuUM8cPeySNBi09lqDsONOP5qSXTs91D2hI3I7U1Bwzu-Q_3qOicQYrxGOJ1EXpOg5F4i9c16WAwn0Rl46wEac6P061ms_ntFRvqvn43z2VfTSMlKDA8Tlj7zqV8rOtz9bG-bglSG9diMEqpNTOWi6pRgaJqOtam8TglUWlfjqFI4Zs97m21nHxSB08YlunY9kO0VM0yGwvPRmS_yqeCYZVSpysWUVbmI4yNz3VMo6FjuUTRmOUgJIsHpr3VXFdIj_rGso0yMAA8k3gxVa_xM_KEnbOht60JvWcV58Qr_y-W9aywFoB9HW3KNmgnQqJx2R5KsAbRw0IXqMlcbi_KafHG40NHdzqg32sLpvXoNeDWhBG6UN2aSUQWaZlEtRW7mElj39liP_Cvt-dYMhq9CUkUai__p2_PyCT3acBkW38gVbe8gfiFiV8Hj-pIc_s-HaXQhrUgzgJvmZ_J2TJ9VKum1fzMy-t7Qb3YS7AjcNEIm48Dg4OFvZdYez6dOeugXzBHikavTVuMkre3DVQ2fnftPf9HqnKLm3Zh4p1r71Z5G3Qxyf_89IZpOI6TdwiJgpB8gZ4ua6X0x479oRMZSlIjr0PzbM-1pbLHH25ELztlJjwhRYtjSBgnnXz5BbLme7H1MsIpNhRH-h_o7rYaKkHFzabgZLLLZiLuJ_04jTGKUQd6mNYREKAxJpnd8coxIf-W7HSgDjpCTyEwJMJqpOoSI4Sqvdht_0lITYJJ7yCfu74-J1ogIJEHToYXb3ORlX4oqBB5nhzF1HRr5YNHhFLpywO5G72nUhkWUeuMQYsg2B4IUGMoyzKfZnHVNMoBNU1QYDZuG3gYDInke65duuCA0XKgyV1kj4cfcmMEF2YfniMW9-OppjYN3zLYFf5o0bCsDIjopT_bI9d7oKDK-dIQf_EOZCdZyyzGahXvdYeiw_RcxvIDVkpICUV3TZj9HjwuVTU7wZZgk-Mi3_xLpRndWjUFZL9II1gP7IJ8tFhb4UDGkiKPVrd0ze4Hy9UtgrsYWHI3tC6uqrS1-AI51414tcDm24KcYTBvpkp_fo75KOKI64s9TJaUUOu0-zrXf1oM47IoF7zanhQH6Zl9kBqKQRKn3CL0omieoK5B4F_jvwaD-fvGMCNfZ_7LdilgEM31T5BFrEn9m8blZTClYnXD7h8mW10n3gi1Bap4S7qnJsaOzytwjHK-CTCBgSULN6WSyArCtTo6TxAMituojhfl4M9_kGE7ZBY-Ta8g9TklUbrLu_CBe-bSVM4pcMgjucq0O56wlwF2dUs6UOS7MUUSxloXZ3hg-iUXH0Oxak9XVBG3-TT5WW0qUMPKAp_P52RfouJT_wzwd3y3Tpy0NRwS7jSpz8iDYxIm8AVNWglShmmu8QY80vqlmAyop7VdzrMWEZmrO1Hfyx-wYCJhLlWMDqTRnzWl9yclVzj5HTZ4Ue-FNjEvDLXD1a5A-YDImnB0Bvgk6O5RZbkT71IPKS2uN1g1jmyBT7q-Gq94PegPeBx_BaWAHrgY-U33E8IjSPSJIAUM93dytyzyng0pS2QqJ509WviDYeeKCoEjlWSNNorjkdMiR4TsDfUitWojP-Zv86KVA9IhK2q1foFqfEBus-AuNtb-7RsxQak6zASzihrJ1KcnlWi9zLOk4LWGp1hy7wWqggGFpL1YTBKeGzM_VKuRRav69x61-g5zlFdhK_B4c3ZK9aY1_vaLx1RskWhUGbxx9HvQ4lrAMrllWGzfeKyya3CKM2OvMHEkDSFAe6e0SnPItCXD2DljXdmJovut5tIBfrfbAZkn5os75RJV3n7A5zRFcZ9Fb3zEuBw8bLEkPUZTUjVJYsS5z9x2Lli14YaxyrDTkv-9rBKPQkWjklSuqdaG45zp7ZkAQcg2qKgitaOjbB66X9_eUajGB9U-neeMAqrhW7_2vIbj3A9mwB9sP6HWcZWnPB72_V9Q5A14TRF3vR3ObskEaN0-NfiN_wXz_C9r0gQNpDncrF59Q_ty8d_FoRiskWCWw9GWBC30fj6Yms-Gh9j0jIkRxduCzwv7Oy-qu5bE1uxf5hJE_pxGE4vNSscJSbptOMIHnEBFNwSiWVKa05yIwgcJXxj24zmk4thpL7UMTj3g_yRku4EeBEtMmPo8O_kTcIkBntDQyM9K7rH_JoNtN_QbAR5-C6-md2p5feGkbaEJBFmuTtOgpF10ChM2_GobZYTbYv-335afMQgEa3HFguRsdJ29gTGwqr048i70gNb34TVP_5vN1azuPt2Wvj5uv6cZKt6RtxPuRAkAjwqh7iK4vew4XTshtcWKLDIR5BIX4bsVPngdffyc-r-FAQpK0oSaSD_P_f7JH1ciCbbTkcVFij5Nsar-r8oXGGR5H5V0WFD3aFj-4u9AcnkKwD-QkqpXMPeWpzEYZmU5qAE1jhJuXedhJIJwpDk4PMMxObw1sWNOWUlfuCD&cid=CAASEuRoDSBBABlSOfLlCltlAVu2fg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:29:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:29:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame F442
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1PQ0VXcoLUSlG9wMqk_kGPWJggeUfAUPCMThv46fecW8o9nZC4-SVDbXMmWHOCnnE-9ejAJeEF-BmtxuAjDcECh2zAQ&cry=1&dbm_d=AKAmf-A76jQgEFUfdFrAr8rKvVi-pDCCkplJ6hpptKQGE1hwzKFShFv0yTCs2rymOyl7Qf-yhpcQ5S_GnWu5gY1iURY6xmVMXrcsz6_q3Ox0wOkeuuwe6IYq1G0StQhnkihWJJSYDoxC99Mu8du3rMWMujDdd1RVruQt_kgPybbqkqmPArUz8X3N5MvjOF6Cfnn5nNnX1LHDq-0TdLR-F4W5NjXKI6qsTuKvfmSDCirSrgx1XWFYrMg6_ykNEexBP58F7lykI50vYy5E6EeV3Nwsrwl529Xd-DD3yW6XKE_hq2eac9_NeptXL0dwqn9bSOioAbVUn2CFaFHs-Ew0_cAJwjIpiIRK1omPWCg1QyAFEVHr9lEWQhXmu0jdddcydN1Nmv9A4QTrqjixF0LvaPpqVE1og9oEDIhK7qNWl2ytOcVsisj_hz3mtV7e-zPx64XPMGeQWEv-M1cgf-a2c4SHvC90S3C_Iwi1jcCZ9I69aShIYgR_NUCixhv6ut8XZLeUEzVqlDO46YxILgJFr1MzifIKgV_iZP_TdwrwG6SfjJeBjLO5uZnJzoNXf7655EKfFDWr8tEoazYcf8X_qOtLv2LoPtsea3lvj42316Se64baP_MgC3nfUTauNeS1UopcFs1ULCQadzMmx6vhNbhUK2AP2FM6l9PU-kJdXmsfnmo5Ifnsn8Itzd2BQCCXBlQAkey80s3fFgnWyHBEyPKf2TV7FQpmKbthq1LmSt7Nz9pYAUDDvmdGEWS1jWpAwBxPB10g3OuExugDZSNDDIGrrneArj9NDy8KszZXskvtkIJN5Ih37wWtokXvKMMMWSWFFnVao9aRg-DreEVMlVurSo7pjZYWfjM-kuoZOuL7lhuUM8cPeySNBi09lqDsONOP5qSXTs91D2hI3I7U1Bwzu-Q_3qOicQYrxGOJ1EXpOg5F4i9c16WAwn0Rl46wEac6P061ms_ntFRvqvn43z2VfTSMlKDA8Tlj7zqV8rOtz9bG-bglSG9diMEqpNTOWi6pRgaJqOtam8TglUWlfjqFI4Zs97m21nHxSB08YlunY9kO0VM0yGwvPRmS_yqeCYZVSpysWUVbmI4yNz3VMo6FjuUTRmOUgJIsHpr3VXFdIj_rGso0yMAA8k3gxVa_xM_KEnbOht60JvWcV58Qr_y-W9aywFoB9HW3KNmgnQqJx2R5KsAbRw0IXqMlcbi_KafHG40NHdzqg32sLpvXoNeDWhBG6UN2aSUQWaZlEtRW7mElj39liP_Cvt-dYMhq9CUkUai__p2_PyCT3acBkW38gVbe8gfiFiV8Hj-pIc_s-HaXQhrUgzgJvmZ_J2TJ9VKum1fzMy-t7Qb3YS7AjcNEIm48Dg4OFvZdYez6dOeugXzBHikavTVuMkre3DVQ2fnftPf9HqnKLm3Zh4p1r71Z5G3Qxyf_89IZpOI6TdwiJgpB8gZ4ua6X0x479oRMZSlIjr0PzbM-1pbLHH25ELztlJjwhRYtjSBgnnXz5BbLme7H1MsIpNhRH-h_o7rYaKkHFzabgZLLLZiLuJ_04jTGKUQd6mNYREKAxJpnd8coxIf-W7HSgDjpCTyEwJMJqpOoSI4Sqvdht_0lITYJJ7yCfu74-J1ogIJEHToYXb3ORlX4oqBB5nhzF1HRr5YNHhFLpywO5G72nUhkWUeuMQYsg2B4IUGMoyzKfZnHVNMoBNU1QYDZuG3gYDInke65duuCA0XKgyV1kj4cfcmMEF2YfniMW9-OppjYN3zLYFf5o0bCsDIjopT_bI9d7oKDK-dIQf_EOZCdZyyzGahXvdYeiw_RcxvIDVkpICUV3TZj9HjwuVTU7wZZgk-Mi3_xLpRndWjUFZL9II1gP7IJ8tFhb4UDGkiKPVrd0ze4Hy9UtgrsYWHI3tC6uqrS1-AI51414tcDm24KcYTBvpkp_fo75KOKI64s9TJaUUOu0-zrXf1oM47IoF7zanhQH6Zl9kBqKQRKn3CL0omieoK5B4F_jvwaD-fvGMCNfZ_7LdilgEM31T5BFrEn9m8blZTClYnXD7h8mW10n3gi1Bap4S7qnJsaOzytwjHK-CTCBgSULN6WSyArCtTo6TxAMituojhfl4M9_kGE7ZBY-Ta8g9TklUbrLu_CBe-bSVM4pcMgjucq0O56wlwF2dUs6UOS7MUUSxloXZ3hg-iUXH0Oxak9XVBG3-TT5WW0qUMPKAp_P52RfouJT_wzwd3y3Tpy0NRwS7jSpz8iDYxIm8AVNWglShmmu8QY80vqlmAyop7VdzrMWEZmrO1Hfyx-wYCJhLlWMDqTRnzWl9yclVzj5HTZ4Ue-FNjEvDLXD1a5A-YDImnB0Bvgk6O5RZbkT71IPKS2uN1g1jmyBT7q-Gq94PegPeBx_BaWAHrgY-U33E8IjSPSJIAUM93dytyzyng0pS2QqJ509WviDYeeKCoEjlWSNNorjkdMiR4TsDfUitWojP-Zv86KVA9IhK2q1foFqfEBus-AuNtb-7RsxQak6zASzihrJ1KcnlWi9zLOk4LWGp1hy7wWqggGFpL1YTBKeGzM_VKuRRav69x61-g5zlFdhK_B4c3ZK9aY1_vaLx1RskWhUGbxx9HvQ4lrAMrllWGzfeKyya3CKM2OvMHEkDSFAe6e0SnPItCXD2DljXdmJovut5tIBfrfbAZkn5os75RJV3n7A5zRFcZ9Fb3zEuBw8bLEkPUZTUjVJYsS5z9x2Lli14YaxyrDTkv-9rBKPQkWjklSuqdaG45zp7ZkAQcg2qKgitaOjbB66X9_eUajGB9U-neeMAqrhW7_2vIbj3A9mwB9sP6HWcZWnPB72_V9Q5A14TRF3vR3ObskEaN0-NfiN_wXz_C9r0gQNpDncrF59Q_ty8d_FoRiskWCWw9GWBC30fj6Yms-Gh9j0jIkRxduCzwv7Oy-qu5bE1uxf5hJE_pxGE4vNSscJSbptOMIHnEBFNwSiWVKa05yIwgcJXxj24zmk4thpL7UMTj3g_yRku4EeBEtMmPo8O_kTcIkBntDQyM9K7rH_JoNtN_QbAR5-C6-md2p5feGkbaEJBFmuTtOgpF10ChM2_GobZYTbYv-335afMQgEa3HFguRsdJ29gTGwqr048i70gNb34TVP_5vN1azuPt2Wvj5uv6cZKt6RtxPuRAkAjwqh7iK4vew4XTshtcWKLDIR5BIX4bsVPngdffyc-r-FAQpK0oSaSD_P_f7JH1ciCbbTkcVFij5Nsar-r8oXGGR5H5V0WFD3aFj-4u9AcnkKwD-QkqpXMPeWpzEYZmU5qAE1jhJuXedhJIJwpDk4PMMxObw1sWNOWUlfuCD&cid=CAASEuRoDSBBABlSOfLlCltlAVu2fg&rfl=2%2Chttp%253A%252F%252Fzdorovia.com.ua%242%2Chttps%253A%252F%252Ffile.adpartner.pro%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Sep 2022 04:51:51 GMT
pixel
cm.g.doubleclick.net/ Frame 778B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOOn63DHp-2lg8F2k6yUTgE&google_cver=1&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrEl...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrElC04a31G5m4CIomaGDiqd5fzm_l1XaZL7QrxMHAqw&google_hm=fczD8cWTRSmqIp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrElC04a31G5m4CIomaGDiqd5fzm_l1XaZL7QrxMHAqw&google_hm=fczD8cWTRSmqIp5tFUwNmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg_IJKXikZzmeodUNkTHcb3bnpcIYaxoSUqSQvrrHHSi6yra32NrElC04a31G5m4CIomaGDiqd5fzm_l1XaZL7QrxMHAqw&google_hm=fczD8cWTRSmqIp5tFUwNmw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 778B
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELeZGNe1usFeiQg6Lwxqthk&google_cver=1&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg9X8sgnyJc8WA4jC5mNn-OMlc_4TY4jBG0mr6NvjIMyC5G2cyfJ45PlSgpRBkAK3E6CAcD2HRBuBvlpSZs7UHjsaSsa&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 778B
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEF-UxHicYPJXssV7i6mDr6U&google_cver=1&google_push=AZmPxg904RZH0TeZYQgp4a3akFVCyhipDwb_AjN8uWjAbgjvWwODFrifoI1TY8h9oyLaLrn7WQq3hogXfq14ZVDvchDM3Nc2jA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3hrc8uki4lif3ap1dc3laq2pakgn8l2i
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 778B
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJCUdlVjz4DHgR0FnEDcXcY&google_cver=1&google_push=AZmPxg9T9qGsMT5Jf3ofYCTNMrsJiKd_cSF3LFmAfiR3eoKZev7UrJaeL2wfVgHeUiz3vwixqmR22A5Vb4z3kL8s1-ksMcZD_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 778B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJT4YAJtVJ-i_lpHyr_5V0&google_cver=1&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Aru...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHUzItMjMtMUoyRQ==&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Arunss-tW0O6nizvZsipCzklCA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHUzItMjMtMUoyRQ==&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Arunss-tW0O6nizvZsipCzklCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHUzItMjMtMUoyRQ==&google_push=AZmPxg87Cv7ll0hPEFwqHarmjGFgszSvZMd4fC2dePfwuPDu47B4uFq2DZVwfzhISx1YBDE0Arunss-tW0O6nizvZsipCzklCA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
cma
dsum-sec.casalemedia.com/ Frame 778B
43 B
498 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1&google_push=AZmPxg-IKU3RoODb2B38g3qq10ExEk_rbzh97NU8GnZY65H1XYkj8wutjckiVn80s_3wQv7dIzTLGzvTMCccOjX8d-SEXF9oiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqeE0d5hgr9vHbyN4qJPmNyF68K42tJaQfOg%2F%2BG11%2B5tz8g%2FRHpMudZqT7609MOWWOF8jTpioiUizmOGG56mLea3iDErZHCKtNQqnHpU6wG54kL68f8NnrnbV4c%2BpnyW9mr6k4%2FKtgG%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
74b707ae48dbdc67-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 778B
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 778B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJ21_9nP7uxoy2JQRKID1ohjN1dJmdBtqQxy7tK16TSDKUc9h9GiUIDd7mI_tiOkK1_rZw-A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 568B
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7cd1812d15b5a9fd9803070f2ec92cb1e375e69a7aa318682c7bf4ee90d424d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11251
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2415
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
249970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
creative.html
s0.2mdn.net/sadbundle/8757864584733261824/ Frame D08C
1 KB
473 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
445
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
Sat, 16 Sep 2023 04:58:57 GMT
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9D20
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9Px56nI0gUsOfDqIzbisbznp6CcVBCtK_0Xi8fRoY57nbwigP4-6JMDd6dlLoeU5j0RIeFHoYUYT0r_WJIldjxDphQl1DfCJBgtofkCWRaGl9UhGgxrKyFJixgGPwQ4MvtyTKmzhAUXnp3EKqBHgdHhtJdnuq6hPHqbq3VtF9R3MaDffHY9zIc4TD7T02AVzNqX6M377n3ILf3JObyZp7xMtz6mahGreiVvgFwza0XzAQJ2C1RstScwqbgcOt4al_C89veJlM4sn5CtlPKxTYmgcYBJbu0Ar8gX0s9MQZUs0uxI3Ptwyq8VwHTO9ECuh1XvJBrV9LM6fzV9JrVJvOdIlLEKAUAPGnRf4gZmZKyDelZBGGdsGIidQQSmrNmDCo-kM_UBMciDMNXJfa_5gtUomAUhI_jtbNxy2IKD2gK3Hm7OMHdwZ5UeQDjMkkU6c69srcqDW4xQfH8b6bN_EmGW_TdCul4aKn7vFZGbG4E-NY4wDTqRWeX2Xoup8x4uK758sqnFiSZ9BeosXWdH0jAQug831dUO_Ho1JoBCWjp8seCouxPIZQOxRbi3fVaiH0067FPDDNF3P_0v3_YxzLjNEPZR20MZpEW-OExTVtXaSk09v40BsaQFU7tr_xt88ySAxmeGn2XtFNkhfWA_-7pPengP23C9LDUl9IUkuL0oquQ_OC5ZHQePF8FgWc3E-WP2Ib-bHLbZ6qWUObxCohQZ21PAHT6f2-2jL4xag9CkqderfELHcHymKDC7uIaWqm56dVgkvpR7U6V56ziM0Mr0C-NlfzDvQXE-btd43gdK5g8ZBmYW8tYhWl_h4dI1P9_ec731O02CeL0w_4vWOjq8TV7u189T1TjOvH7Zg15xgdQ1dTJFASvajmkf8b1rpUq-_z31oCudVEu3uAZrSX9RufC7iuTyqvFQHf9k-I14Km2wLCu6cR7LKLAkupvwm-9yY5dXYCyzBf-cz26yufLsH4qvcm6-nQFJmExquFteSTsYjpIWcAmXLyTUk0mkcs-gjlLX_2uTRnEPTtxyNo02boxQb_BAoGNsKQFMUgZXLybwdCp_i3HzyXqYsyxJc4a_3WM3VIaDERP_VrX89aOp52Vd8jftRarOOhKKIJI_3swpWkeBz7i57q_AkxfPdKlun_u6BVOKP0-zlzn4HrAI8Ne284G5MyCQb7aGReKlcN&sai=AMfl-YT5n0ktrpvTbXJL41grZD7qfso8zDxEnO7jxfw0Li73KY1hpTjy6NBX1uvm1Vw2slu6mvAcnllEIdL7y1AxRpB_VBwVoswYRYgwJA61LdvrkJYoNusacy2HVTQEPRMuptyV1bMkju_1FWatTckUxiN48r_jrg&sig=Cg0ArKJSzDioAuM-jqoLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&cbvp=1&cstd=334&cisv=r20220914.81855&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame 445F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOOn63DHp-2lg8F2k6yUTgE&google_cver=1&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL6T69m29XbX89gVcBDagzIx4kZmhAfxPlSei01uiJ0&google_hm=fczD8cWTRSmqI...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL6T69m29XbX89gVcBDagzIx4kZmhAfxPlSei01uiJ0&google_hm=fczD8cWTRSmqIp5tFUwNmw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg-EwStnx7WpS2Sn2mrlC9Z7woCIXqLBfhtuT4zKvspiPjVTLPVuQL6T69m29XbX89gVcBDagzIx4kZmhAfxPlSei01uiJ0&google_hm=fczD8cWTRSmqIp5tFUwNmw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 445F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELeZGNe1usFeiQg6Lwxqthk&google_cver=1&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ&google_hm=Q0FFU0VMZVpHTmUxdXNGZW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Sep 2022 04:58:57 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_W_dwoUnulV_xeUR6b1iWjBEZK4xUXwyAmOAyLiue5O_rm9D1DN-41if18XbUp3DeN_85ieKHoLpLNfAoRUttu51lRKZQ&google_hm=Q0FFU0VMZVpHTmUxdXNGZWlRZzZMd3hxdGhr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 445F
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEF-UxHicYPJXssV7i6mDr6U&google_cver=1&google_push=AZmPxg98uUfHcpKe3tTm8lHu1twm6DEmY0p8VGeD4EsJR66G0NzuFES3j4PA5-JcaOl9b_5d3ZG-jMoTQrsHoQIsLad4SYEP1bA0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sbpqtm014ru7j8ufqm4nv6m5ij4v2il0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 445F
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJCUdlVjz4DHgR0FnEDcXcY&google_cver=1&google_push=AZmPxg-HUXNkKhwHAk4QzOFaR06CShs3MpvgQK5dctjemVQZJLD-8zV3cCOH6Pqz0ECh7rg0Mgcl7tlS8qKu4LTGW_ZJU0u6tOAe
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 445F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKJT4YAJtVJ-i_lpHyr_5V0&google_cver=1&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHVEktMVktQ0JMNQ==&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heWlAvIwk6GhwUFxo_2Zhahqarx6
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHVEktMVktQ0JMNQ==&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heWlAvIwk6GhwUFxo_2Zhahqarx6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg0MEdHVEktMVktQ0JMNQ==&google_push=AZmPxg9dT2389vXM1ZP9Z6yY8sgJaekm2RzVkKCnHhNtmfDv386CuJ_6LR1NABFyq98qnkH2heWlAvIwk6GhwUFxo_2Zhahqarx6
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
cma
dsum-sec.casalemedia.com/ Frame 445F
43 B
493 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEAWQlR7kvValOTwekbD6D8I&google_cver=1&google_push=AZmPxg8zWSweQxj4rxM8QK4i4ZfTRza-52RnDYJV7xzxGy9h8S6Q6ZmI3CtG6U3HT5560_tEnKzIsqDoEeD6lz2UPPpLRzM_mAES
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:57 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edeuaJEBIAfWkR5j6%2Fh8LHRYkjhf1XCWqbOhzrNhURxdI9rTx%2FpIL4sjsWSOg6DJVEaI8kbB0u3lPJNqgFtNG6oFQCRLUJaT41xInUPjX2IGAC5sVJTxnvNZTdfwrk2xXSJjCTqaQiCuow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
74b707ae9934dc67-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 445F
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 445F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxdBN-raV9tzwznbJqK8k0FvgFRUGc_jhXL1m1GBIrxugAqBvFjVkXmJCHpzLK-tLLo-PW9g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=200&slotname=7414118804&adk=132049923&adf=2751417943&pi=t.ma~as.7414118804&w=300&fwrn=3&fwrnh=100&lmt=1663304336&rafmt=1&psa=0&format=300x200&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&dt=1663304336296&bpp=3&bdt=899&idt=380&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=2&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=1437421402&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=270&biw=1600&bih=1200&isw=300&ish=250&ifk=1564989781&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44772488&oid=2&pvsid=2200721137496599&tmod=2085715228&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=132&bc=23&ifi=1&uci=1.z5c68pk4tb60&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
creative.html
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/ Frame 9268
927 B
430 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f20c487da288a57a0f215a7913dd47d337d56d69c183883c5b5ae5d82edac8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
402
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
Sat, 16 Sep 2023 04:58:57 GMT
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 84B6
0
64 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucNoICBx-OGG5si6XjfStAQGtiRxb8TiYVpsO5de1AqZ8eM0sxv8kJfI38sYqsfa1OTDsJIkwl86MC3niB2kSy1mLWlzcQImR94sApWhBPv-LN5IKUCzmC8R3DmVSzpxJ5ysJjFEPHMI98V2MRqvcUVyJ40HBq01uaeTM6vFsdis9kEQ7FneBWQbNVNcQppFyNLHPEDpm-QG7W0vg_RQQxaHprBI5ujgoWJiJ2QYWJq451sf1vDkBoxeG0tMOueDKLmtpDhEBAyfA1Ovxuyus2UqRk0XtzZpvDQfbSBxsInRVIh_Repc4m7qqvMWpXi5gmerYG9CsUl4QeKp0u2s3RQktcxjYijiSxYWZVfJt325NACd0ySqYJ--0QaWhNRrhnqThTFgAgjTI8UjkDJqnB4At7-uCtKD87yixZ0tWH4Pd47MZ8lVu9KR_JDjJOIvYRkd87Mk9tp-mj52QPEjRsV6ReCWutRVf_Y50_yU61ZF6kW0_FF5Ug9x0RGC1gadWpN_lxsTom7Eb-KqsCUjq_KdHcQ_VnGX3zbVext8Y0iICw33mqB624TSvEHACWTX9Sjv77d3Z3UMwEt2Om7SDP_SxJehrwFWRxt2qZW2_Wpk_IqfKpZpFu2j10-K4xfZrkcRyGOnrXV2pgIyC5k_PjaQNze7UQbcqTAfMnu4u8yRxSQqBuAb90dmrTTK9ozjdbBm_v5RpOEW21YzixSUT-fipF4FYkOx45_Gnc58i25krEK_It-wr_QvL95NarLxtmPGLlyGD4-oTun7jaR8ZhY70MLFCQfTapAnFRzgqEOmfj3ZLxwKvdP171EvfiNo4V5s14_LVDZYpVEPniH5mIHd8SNqLtSJy-ft3ivt4HU06roVwk5XaqHRJnVoARKI7CyEXfxKSbCZYkdALaLHkQsQCEuGreMZl_z_8nBpSgpvpTl-nBIV6JFh6X2jG4m2r3VxUtJsg_VPUxMQbP-o2TpLf9J1Fg09YV_d853OhItnycJIOB0-hHiXpTbAYcU_6yhusfNhB-gH3250OrOnz0Swz8Y1Ii5uOZ9YMqyBb2woi8BWISR3hKwhWuculHG9Dv9Wiope0ZIzRWp4bNKhUQy2rMRv5Ht-DGjxpXv6AjqjSbXh7HFK8Cuk_bFGHEWqFoDmB8LOXU66jBOjpwtZoUm9rdZ_80N_B6gPbeBAcNi5UagQ&sai=AMfl-YTEnhJlAVp8gBJS821-e-P7Lf-fAw9I65goTlTC4bxQZD4eGzq6bZYFdpyKXXRDjV3kOCvLOZmtAQ4M8lWYW4xSFiwY5ZwhbvzM0ctARmhFY8fIbvNkoF6Qm5_Bsrbl5zcKWkW1eeFq3tfd6u_sd48HAdpQJg&sig=Cg0ArKJSzLRzav3gVyQWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=333&cbvp=1&cstd=328&cisv=r20220914.94793&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C418
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_1&adk=1620915178&adf=2429112191&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336840&bpp=12&bdt=200&idt=214&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&correlator=8219050313230&frm=22&ife=1&pv=2&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=1.qplixlv9060j&fsb=1&xpc=RIQumwvAtK&p=https%3A//file.adpartner.pro&dtd=229
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
generate_204
tpc.googlesyndication.com/ Frame 27B8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xgcFBQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F442
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=zdorovia.com.ua_160x600_br_2&adk=1974494150&adf=1045959010&pi=t.ma~as.zdorovia.com.ua_160_&w=160&lmt=1653899014&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fzdorovia.com.ua_160x600_br1.html%3Fcontent_width%3D980px%26background_size%3D1710.5454545454545%26top_padding%3D0%26side_width%3D310%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297845%252Fbackground_empty.jpg%26unit_num%3D1550_1214764331083829%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1550%252F2297845%252F5da022c4-834d-47d9-995b-c38a3c734f90%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%2526hash%253D3f99791fabf2ef55bee6a29f3f2178a0&wgl=1&dt=1663304336855&bpp=2&bdt=215&idt=220&shv=r20220914&mjsv=m202209120101&ptt=5&saldr=sa&prev_slotnames=zdorovia.com.ua_160x600_br_1&correlator=8219050313230&frm=22&ife=1&pv=1&ga_vid=703166733.1663304337&ga_sid=1663304337&ga_hid=592361208&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=1727117145&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069508%2C31069575%2C31068919&oid=2&pvsid=1815264941557681&uas=0&nvt=1&top=http%3A%2F%2Fzdorovia.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=2.6kv2f6u6klm9&fsb=1&xpc=7yk3eWtqdz&p=https%3A//file.adpartner.pro&dtd=224
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 07:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 07:32:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 568B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:57 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 3D81
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 1643
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?dsTxSg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ptrack
a.audrte.com/ Frame EC3D
368 B
881 B
XHR
General
Full URL
https://a.audrte.com/ptrack?arlocation=82.199.130.37&p=M1353665098&artime=2022-09-16T04:58:57.859Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMS81NTQ1M2RlOTdhMTE4Y2U5P3J1aW1kPTEmZHU9aHR0cHMlM0ElMkYlMkZpbnYtbmV0cy5hZG1peGVyLm5ldCUyRmFkeGNtLmFzcHglM0Zzc3AlM0RENTZEQzA5RC1DMzlDLTRCRDYtQkQ3My0wM0NBQjREQTlDNTAlMjZpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=emRvcm92aWEuY29tLnVhLw==
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4ef96e355d5077b87f98641922263428bdd86df939938fd3e283f7a37af10e35

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
264
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0CBF
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
249970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1131
35 KB
6 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2624
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5714
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:15:13 GMT
expires
Sat, 16 Sep 2023 04:15:13 GMT
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C418
0
64 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLP3lYgd077I8l6gWVGAb5PcESP68CpsMvqaiZtxUfde1TFJWzCcRAeD26RFfw9VkYAj9HKmlLmyaCN5_DxjX0uMQ1mJdGC_9P3Xjp1Jk4AsDUtvOEIF2u1SPiPkPhgJxoTvT4fhm6jkJwIM8KyfzAB-QMytXu4TXjBndcGDKLTiH8r3ybTTxmtgNIMnL6VCykmJOk7tdyDTpIDS0l7s0tO52wnEuv1T3tBFXd2elQV7vNO46DMMBCDkIpPe6VQpwegSysH0SPlsrqYMuB1nq8zua6tXerGXPcD_giaNwaoX1x-hBP3aQNGabEkWKUYuePydQoEBjwOVoXqIj00yneuLX1HTJs_gjBPczgcFHY2Al5XXesq1Ni396WxX2345ouuhJkxuLnKL6blJqUvQDzXqj4rxRfzUPZgvzuEHMx8XG0WZzQh2eXIN2TfwpKW-aHlf3ift7R35VoCVYT-416Fue5lbYbWBkZFJZoFgSXYzF_2jEUMU9OSwqprNuFwHH-WFZli3X6ssIH8Qzvuwi-U1tZo5ix63aSvggwN83wxOQlvK_-dxDZqwNePbqX4wBsvxWvMZynI3mzd86lcSBHgGnHuybbi2cCsO5AfAPvwi0fEvB5XShxgePstYKipP8tXOqCVszmWwC0Dv3tk3A3pWbMCb_YbsUNF27IpQzLwGhSOnxBdH9vHB1YILGfeihH7LXqSgqfWIdbF_J5VFNHH2wzYgnLgKKKYJ7XDY0abHNOFLVITgBKfsUXYv10tQtVSmrfDxE7SVshxjIjDLdF-W1WqaGnuoVCnKtPVKMAUH4NiB_GfAKHxSFEoPDmoEZEVOCZszVwUjb7mrgehgT2zl7iKCjohg4Ju0x_Fpcpax_GXr5x24Z29LVVKuTLUFkLmiiKXZyWeeq_QlRvVIXFiUG2vK7GBw79q16Q-5wC6O2HJuPbCbpiXFjT0XdIklaM5CGlD0av60w-TubCexemLwdKQXoObgO4FcyRj6njN7Mm9zYpRWRLjohmHy-Z2H9BWGm3VynzwNrITXLMWx1-yujcfesunOkhNhGAXXmVHoFEY4SlwXmic27ewtyfWFb_TC3bGUkj9s_Kvw29mExd2oimaYTemSczIT1jLbolIOVZxNPXE_aFHEk_laS1OADjzhkL9QlVJg8JwmIRp98kpIZJwssKoOheLkLtUZAiqbN-lhvMbXmLc27f0Rv0GtBmddlbVSwuy3uOHQXKMZyb-RpcBmechEhVWSesb-SU7RxZ0x_Weriz_AwvGTxB49cIeA&sai=AMfl-YQo6RPznf_cu9Sgc5PXSMZHId9mezX_wpk0H7pyXV3ll1oV3j8usFhTS_p0JmrMCV_1USP_C4oK1ypJAY_PdAgmTmgrO3f63MNC1-iMrmnX3yIO9158jVIG4b2mPlMPaAf-v-Jd2sKNQ02Imq2sxcfMd8ATz5tZYNzaO9VIvXaesOIe5KVZ&sig=Cg0ArKJSzCLNwA8wORSoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=287&cisv=r20220914.98795&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 4DB1
35 KB
6 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2624
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5714
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:15:13 GMT
expires
Sat, 16 Sep 2023 04:15:13 GMT
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F442
0
64 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnTEJk8qROnyk_VU1iXUJ1zxeJ27pLiS6MwXlbaAhOBwQCG0HhndLfdHf1aJLhh5-P2P3lTlmuapg_Bgm786cOL9aYnk0ACNeHMmrOVPHzMKrMXgHXjRxW-_Jrq92yqV0uZ7PiPkcrL1NlzzqCC1R0NK0qyIzWYQAnoGneEJSgcTVv9RaabeZLbwvKltwS3J7QyirwQzJWGfoZsuub4OVYYbq52-Z9rI2jYSKrG3fPPLV6PmjiwR0cecJYs4RJJlrHbiafzL9kH70SF3Ugz-ilmeGSabjhkEZKUIm5JkQQA11XS823Gi-zQj8HR30ykb0EIFuD_-8JKq9pK9p4G7wFsoFXhDVqGYXOUveYuNXDgTcBsOQrgNbHINc3uBq_ri0rB58VD4qNYlov6cwAjxjkgtymtWftsSe3LFoaAHTH5PLyTrnBWpLhIEaEXoOSImK9nZJcw3kg4T37C1ju3CjZ9-WX5e0gZVJHL9YO5pAcRReHlfR6n-wUrRDoiJAxaj74hmbBOUH0hTLd5dLVESjSGcONcdrajaYT6tbvL9-uAP68KEURVJJQRZfrJ9CzxwsSdkFFvOoxCa38Xi1UjFEE1pdICwodHzzoAAOKQxCV2zDV3LmDk4Xf98QHU8X8kwNKN96Jb8oK_bLBJqihziM44tTChlTe0TUNqYeGfOkDQPcCG8Mrl_PFI9SArso2-gKGbtGiGyVhIliTKnX9e795CuDSXSt3iqr5EPOAg0a34le0umvD3SGV-qT9BoP8DeEKylRY6P3vCOqAmAXl3uvvmdPznlMRHlR-t8YuPyho-vg_s7If6yW2NGFBlsGT5R5h3H6srl1ism_9IcszE469Z9WBCsPxUEBqsOulAb3OVxAWJW5-btFGkViCObqO1GuHaFqkV6htmJ01Z2d_s4J5eVALukvGHgCmO1tlFJliOaqTuUUY70gducppTnpHHtViUMh58ksZjH9UOKDnwRaRtxtRhrCu5_IApiTxGPzrIZZqCMRZH_HR-F_O4yi0Ueqor2teHOO05zDeKU51gPUxTlessR8kAldW_0fRMj4gkY-TiK93yRr_jAqP2aR6MpElNMxVELvlP65Mh0qKUXdKCZQwAEGr5Qt4GjowYwrv_hF8hLkQaIoGXMiAC-_8oQn63Rus1A42vB6q8FCplTpzVpMD7qv_8dCwed2br-kiF4dCDBr2xlMcXCcE3qXegem_2KCkJkkPABvF21KlCVArKwYY154L3Rb-tW998WgW5oqvW0UIINuzCOHg8vwzbAhwTg&sai=AMfl-YSB4_K-dKE1tTbFbjyzpODJOMFWIMLW6gw6iZ-pk3XtesqNdELAa3N70iAbVd0MQxrzZFZ1dClr5BTa-CW2GvPV5ZNTpelJRYl3SuY-KE0a-nTfzNOVGE5dWokSlG2TG7x80uF7gWPyKYL-iEk-onP9RkwnrPYtsGZaim9YQewLC5DVF2RQ&sig=Cg0ArKJSzI71-24RE61OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=274&cbvp=1&cstd=273&cisv=r20220914.91251&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 16 Sep 2022 04:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
initial.css
s0.2mdn.net/sadbundle/8757864584733261824/assets/css/ Frame D08C
3 KB
1 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9961ff8ce61a82e625d8237184b98fed1f2717647e567fab38ea32a49cf42f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1029
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame D08C
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:19:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame D08C
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 03:11:25 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame D08C
233 KB
62 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 17:20:53 GMT
initial.js
s0.2mdn.net/sadbundle/8757864584733261824/assets/js/ Frame D08C
17 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a87a1c72b2e889b01c62c7093236a5996d011ffef5a5db018a7e4ee78f04cf9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3062
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
logo.jpg
s0.2mdn.net/sadbundle/8757864584733261824/assets/images/ Frame D08C
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2754
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
spinner.gif
s0.2mdn.net/sadbundle/8757864584733261824/assets/images/ Frame D08C
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6841
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
initial.css
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/ Frame 9268
2 KB
899 B
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
284ad04845b7380ab09d988a65a8136842b4a297bd063889b5062f731389177c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
870
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:15 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 9268
118 KB
40 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 15:19:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Sep 2022 15:19:19 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 9268
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 03:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 03:11:25 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 9268
233 KB
62 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 17:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 17:20:53 GMT
initial.js
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/ Frame 9268
16 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d08cdad175344acba124ab88b2afbeec7779e8ddf5c9cf456c1133b8885192ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:24:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2929
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 13:24:09 GMT
logo.jpg
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/ Frame 9268
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4927978f916c67a75b089f975343a53f686c38f1fc69c11252c2d5c6a1eb1913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:15 GMT
x-content-type-options
nosniff
age
43363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2209
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:15 GMT
spinner.gif
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/ Frame 9268
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:15 GMT
x-content-type-options
nosniff
age
43363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6841
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:15 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 2415
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A8B7
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
336089b26e94a1c9ed6ccb0933a31b0be3620e88f17df76bd98216ef1ee965c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11119
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0945
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
249970
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Sep 2022 07:32:47 GMT
expires
Wed, 13 Sep 2023 07:32:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 580B
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29573
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 20:46:04 GMT
expires
Fri, 15 Sep 2023 20:46:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 871C
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb5447229d4076d8d91ddc1cc95574532bdb8733a41d06f2689a6dc5d915de23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EQsWfcXX7If6rs95nQvgqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-EQsWfcXX7If6rs95nQvgqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:57 GMT
expires
Fri, 16 Sep 2022 04:58:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
45d92f8f595e6f0d29129d0a9e75108b.js
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1131
89 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25351
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:34 GMT
45d92f8f595e6f0d29129d0a9e75108b.js
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 4DB1
89 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25351
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A8B7
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:58 GMT
p
a.audrte.com/ Frame EC3D
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7243443043593630516
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame EC3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=&google_gid=CAESEPykcb4Lrj98PJawEWySFTI&google_cver=1
  • https://a.audrte.com/p
68 B
617 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Server
35.172.39.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-39-147.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame EC3D
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=418s-1YRKShQTKfvIqLP1zFaw&gdpr=0&gdpr_consent=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 16 Sep 2022 04:58:58 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 0CBF
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 0945
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 871C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=3083802158083473&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame D08C
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b89c23f6edff4a12c3ff51c184d20050547784de40e4b7be2f3c6200d8fe2668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5862
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1131
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 04:19:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 04:58:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 04:58:58 GMT
e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15099
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 01:54:15 GMT
acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3095
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7493
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7405
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3639
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 580B
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15099
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 01:54:15 GMT
acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3095
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7493
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7405
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3639
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
css
fonts.googleapis.com/ Frame 4DB1
4 KB
666 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 04:04:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 04:58:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 04:58:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36E9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 20:46:04 GMT
expires
Fri, 15 Sep 2023 20:46:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0153
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d24d15fb3db6eb6596da4bef4cea5d6205cf5d80b519c9dab1085055e4f9cbc9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zGCS-uePIA-A8PvsiVrh6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-zGCS-uePIA-A8PvsiVrh6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:58 GMT
expires
Fri, 16 Sep 2022 04:58:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
um
u-ams03.e-planning.net/ Frame 4698
42 B
103 B
Document
General
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=9d12aa55d264e60e&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D9d12aa55d264e60e%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 16 Sep 2022 04:58:58 GMT
server
openresty
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9268
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7cbb9e69db713c18a156fec645f54d002f1f5627abb2e5ab63f3d5a88601e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5715
x-xss-protection
0
um
u-ams03.e-planning.net/ Frame 66CD
42 B
103 B
Document
General
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=9d12aa55d264e60e&uid=f66c2b0869940a26a878505394b8e720
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D9d12aa55d264e60e%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 16 Sep 2022 04:58:58 GMT
server
openresty
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D81
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSEB_kQIkY6SvDJCY-gaAvanAAgAAAAA4AeAEAg&bg=!7u2l7anNAAZqQh0mSkI7ACkAdvg8WoAQXnQRGdth1h-q2U8aUJ8vztJoAijYndjsdsl_MRHmOmHc3AIAAAE-UgAAAAFoAQeZAteTCbpPpftjFcv8B3dsCuD9q9W--xeWbaodZZKGBVu4hxGXSAsadJHgf1_9UBL9MDIxsYU-laMLLDJbxQ5M4s3jOwK4IRpoogqBZF2sYn3eVlL8wrBwhIDJTpzJ6H0okaw5CHP7NASYNgyKoPWRDK1ZAPeyYlbPXBPD_Tit3k2r_fP4LllbT1K3MiQQqGg0Ny-QasDoL6um3LvupOCzBqK-5_G5lGQ5ubt5E2hIIKpWendXUoW3pT_91vNLlNkGKvRhAWAxdM6sD2E7jMp1EUz2UJ_0TZDxKSLpGJmgOqhPfakVeR9uhs0xDIYfjZyNE7_qnT45XcnYwuXo7bhP1sGu7kv9t5EqpbwOx8jiQLOVSbHE6JwEKT7yWAqYIqjroCmSdKLjTcOr88kcGZ8QyQEYcTDheFkGrwi1mI0krz3a0ZXL7uqsnv64HXb91xtf2LuVcF7ATDFcpUX1GvP0NPbPltE0FOFrgOEMDx8_szGzMeb4mJClcUjs7O2FeXxf-HkHDMYJDP4OdCec_eSWGkrBN0oEaghmL3-io1YIw6NPteIJLyM1M91c0LvzLdyiv0HLpJRp8PRofIL05WULb_poIVPca_uw9FgwDvMjATVhhsu0JL3yjcwoqBQO9Ms_jeR1zFNS3TxAK0Sah989JYfmX-HZD771_DwE6JbztjomAICqrjH5Uw0E6Z0y68sJwuRKilQVJ9cQPUV1fl9Y6pHIUEk6fosb34x30hXva5Z1u6A73wpPRER72UPG7iGruNLFsTDNY4lcHOfDGW_-qwo6ZlTXC-9ZaHQT5K1FSC-PReli5GPOa5kG50hVpkxsr5KqUhwcrx2x_zRxvrvSsfVfDiQMVxe_1HheUGJpE-a6mRwdKDAkxer-0RxX-AV8zzyqtjsW_Nhs9uCTVJpvQhPY0BOivwFRnGVleBrk_7jvQ8LzYhwaWTdMIKPjZJcjxyOkJWkwdDeD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4577254435597104&output=html&h=90&slotname=7553037928&adk=3481491427&adf=2751417942&pi=t.ma~as.7553037928&w=728&lmt=1663304336&psa=0&format=728x90&url=http%3A%2F%2Fzdorovia.com.ua%2F&ea=0&wgl=1&dt=1663304336233&bpp=5&bdt=846&idt=520&shv=r20220914&mjsv=m202209080101&ptt=9&saldr=aa&correlator=3142005123360&frm=23&ife=5&pv=1&ga_vid=821327299.1663304335&ga_sid=1663304335&ga_hid=586776090&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=542&ady=61&biw=1600&bih=1200&isw=728&ish=90&ifk=3879291087&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31067825&oid=2&pvsid=2936807560043403&tmod=806512231&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.sy2kl3m5jou1&fsb=1&dtd=533
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D08C
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9D20
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9Px56nI0gUsOfDqIzbisbznp6CcVBCtK_0Xi8fRoY57nbwigP4-6JMDd6dlLoeU5j0RIeFHoYUYT0r_WJIldjxDphQl1DfCJBgtofkCWRaGl9UhGgxrKyFJixgGPwQ4MvtyTKmzhAUXnp3EKqBHgdHhtJdnuq6hPHqbq3VtF9R3MaDffHY9zIc4TD7T02AVzNqX6M377n3ILf3JObyZp7xMtz6mahGreiVvgFwza0XzAQJ2C1RstScwqbgcOt4al_C89veJlM4sn5CtlPKxTYmgcYBJbu0Ar8gX0s9MQZUs0uxI3Ptwyq8VwHTO9ECuh1XvJBrV9LM6fzV9JrVJvOdIlLEKAUAPGnRf4gZmZKyDelZBGGdsGIidQQSmrNmDCo-kM_UBMciDMNXJfa_5gtUomAUhI_jtbNxy2IKD2gK3Hm7OMHdwZ5UeQDjMkkU6c69srcqDW4xQfH8b6bN_EmGW_TdCul4aKn7vFZGbG4E-NY4wDTqRWeX2Xoup8x4uK758sqnFiSZ9BeosXWdH0jAQug831dUO_Ho1JoBCWjp8seCouxPIZQOxRbi3fVaiH0067FPDDNF3P_0v3_YxzLjNEPZR20MZpEW-OExTVtXaSk09v40BsaQFU7tr_xt88ySAxmeGn2XtFNkhfWA_-7pPengP23C9LDUl9IUkuL0oquQ_OC5ZHQePF8FgWc3E-WP2Ib-bHLbZ6qWUObxCohQZ21PAHT6f2-2jL4xag9CkqderfELHcHymKDC7uIaWqm56dVgkvpR7U6V56ziM0Mr0C-NlfzDvQXE-btd43gdK5g8ZBmYW8tYhWl_h4dI1P9_ec731O02CeL0w_4vWOjq8TV7u189T1TjOvH7Zg15xgdQ1dTJFASvajmkf8b1rpUq-_z31oCudVEu3uAZrSX9RufC7iuTyqvFQHf9k-I14Km2wLCu6cR7LKLAkupvwm-9yY5dXYCyzBf-cz26yufLsH4qvcm6-nQFJmExquFteSTsYjpIWcAmXLyTUk0mkcs-gjlLX_2uTRnEPTtxyNo02boxQb_BAoGNsKQFMUgZXLybwdCp_i3HzyXqYsyxJc4a_3WM3VIaDERP_VrX89aOp52Vd8jftRarOOhKKIJI_3swpWkeBz7i57q_AkxfPdKlun_u6BVOKP0-zlzn4HrAI8Ne284G5MyCQb7aGReKlcN&sai=AMfl-YT5n0ktrpvTbXJL41grZD7qfso8zDxEnO7jxfw0Li73KY1hpTjy6NBX1uvm1Vw2slu6mvAcnllEIdL7y1AxRpB_VBwVoswYRYgwJA61LdvrkJYoNusacy2HVTQEPRMuptyV1bMkju_1FWatTckUxiN48r_jrg&sig=Cg0ArKJSzDioAuM-jqoLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1048&vt=11&dtpt=707&dett=3&cstd=334&cisv=r20220914.81855&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9268
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 84B6
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsucNoICBx-OGG5si6XjfStAQGtiRxb8TiYVpsO5de1AqZ8eM0sxv8kJfI38sYqsfa1OTDsJIkwl86MC3niB2kSy1mLWlzcQImR94sApWhBPv-LN5IKUCzmC8R3DmVSzpxJ5ysJjFEPHMI98V2MRqvcUVyJ40HBq01uaeTM6vFsdis9kEQ7FneBWQbNVNcQppFyNLHPEDpm-QG7W0vg_RQQxaHprBI5ujgoWJiJ2QYWJq451sf1vDkBoxeG0tMOueDKLmtpDhEBAyfA1Ovxuyus2UqRk0XtzZpvDQfbSBxsInRVIh_Repc4m7qqvMWpXi5gmerYG9CsUl4QeKp0u2s3RQktcxjYijiSxYWZVfJt325NACd0ySqYJ--0QaWhNRrhnqThTFgAgjTI8UjkDJqnB4At7-uCtKD87yixZ0tWH4Pd47MZ8lVu9KR_JDjJOIvYRkd87Mk9tp-mj52QPEjRsV6ReCWutRVf_Y50_yU61ZF6kW0_FF5Ug9x0RGC1gadWpN_lxsTom7Eb-KqsCUjq_KdHcQ_VnGX3zbVext8Y0iICw33mqB624TSvEHACWTX9Sjv77d3Z3UMwEt2Om7SDP_SxJehrwFWRxt2qZW2_Wpk_IqfKpZpFu2j10-K4xfZrkcRyGOnrXV2pgIyC5k_PjaQNze7UQbcqTAfMnu4u8yRxSQqBuAb90dmrTTK9ozjdbBm_v5RpOEW21YzixSUT-fipF4FYkOx45_Gnc58i25krEK_It-wr_QvL95NarLxtmPGLlyGD4-oTun7jaR8ZhY70MLFCQfTapAnFRzgqEOmfj3ZLxwKvdP171EvfiNo4V5s14_LVDZYpVEPniH5mIHd8SNqLtSJy-ft3ivt4HU06roVwk5XaqHRJnVoARKI7CyEXfxKSbCZYkdALaLHkQsQCEuGreMZl_z_8nBpSgpvpTl-nBIV6JFh6X2jG4m2r3VxUtJsg_VPUxMQbP-o2TpLf9J1Fg09YV_d853OhItnycJIOB0-hHiXpTbAYcU_6yhusfNhB-gH3250OrOnz0Swz8Y1Ii5uOZ9YMqyBb2woi8BWISR3hKwhWuculHG9Dv9Wiope0ZIzRWp4bNKhUQy2rMRv5Ht-DGjxpXv6AjqjSbXh7HFK8Cuk_bFGHEWqFoDmB8LOXU66jBOjpwtZoUm9rdZ_80N_B6gPbeBAcNi5UagQ&sai=AMfl-YTEnhJlAVp8gBJS821-e-P7Lf-fAw9I65goTlTC4bxQZD4eGzq6bZYFdpyKXXRDjV3kOCvLOZmtAQ4M8lWYW4xSFiwY5ZwhbvzM0ctARmhFY8fIbvNkoF6Qm5_Bsrbl5zcKWkW1eeFq3tfd6u_sd48HAdpQJg&sig=Cg0ArKJSzLRzav3gVyQWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=995&vt=11&dtpt=662&dett=3&cstd=328&cisv=r20220914.94793&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
style.css
s0.2mdn.net/sadbundle/8757864584733261824/assets/css/ Frame D08C
21 KB
2 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1228656137379454ffd580dcc21076f83efc3d34a198902c7d039353596efe22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 16:02:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565009
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2394
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 16:02:09 GMT
jquery.textfit.min.js
s0.2mdn.net/sadbundle/8757864584733261824/assets/js/ Frame D08C
1 KB
681 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/jquery.textfit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
648
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
nhdynamic.js
s0.2mdn.net/sadbundle/8757864584733261824/assets/js/ Frame D08C
35 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d74bee7fd7f696f1d12267064500896b813520e0eba8b058c9895e9f13d12130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5646
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
youtubeApi.js
s0.2mdn.net/sadbundle/8757864584733261824/assets/js/ Frame D08C
1 KB
474 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/youtubeApi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
style.css
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/ Frame 9268
24 KB
3 KB
Stylesheet
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15179e81f131befdd6e603ba3ddca00b8cc4e43aa70583d9e7b41fd56698ebbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2812
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Sep 2023 13:24:10 GMT
jquery.textfit.js
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/ Frame 9268
3 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/jquery.textfit.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b818254dfc983fb2732ecfc54815327606434288e6eb0c0c0b7e8523e14b6c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1127
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:16 GMT
nhdynamic.js
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/ Frame 9268
44 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c599f96659ce07649e90b86b90732f1293b042e212423e7366794ada841d688d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5782
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:16 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C418
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLP3lYgd077I8l6gWVGAb5PcESP68CpsMvqaiZtxUfde1TFJWzCcRAeD26RFfw9VkYAj9HKmlLmyaCN5_DxjX0uMQ1mJdGC_9P3Xjp1Jk4AsDUtvOEIF2u1SPiPkPhgJxoTvT4fhm6jkJwIM8KyfzAB-QMytXu4TXjBndcGDKLTiH8r3ybTTxmtgNIMnL6VCykmJOk7tdyDTpIDS0l7s0tO52wnEuv1T3tBFXd2elQV7vNO46DMMBCDkIpPe6VQpwegSysH0SPlsrqYMuB1nq8zua6tXerGXPcD_giaNwaoX1x-hBP3aQNGabEkWKUYuePydQoEBjwOVoXqIj00yneuLX1HTJs_gjBPczgcFHY2Al5XXesq1Ni396WxX2345ouuhJkxuLnKL6blJqUvQDzXqj4rxRfzUPZgvzuEHMx8XG0WZzQh2eXIN2TfwpKW-aHlf3ift7R35VoCVYT-416Fue5lbYbWBkZFJZoFgSXYzF_2jEUMU9OSwqprNuFwHH-WFZli3X6ssIH8Qzvuwi-U1tZo5ix63aSvggwN83wxOQlvK_-dxDZqwNePbqX4wBsvxWvMZynI3mzd86lcSBHgGnHuybbi2cCsO5AfAPvwi0fEvB5XShxgePstYKipP8tXOqCVszmWwC0Dv3tk3A3pWbMCb_YbsUNF27IpQzLwGhSOnxBdH9vHB1YILGfeihH7LXqSgqfWIdbF_J5VFNHH2wzYgnLgKKKYJ7XDY0abHNOFLVITgBKfsUXYv10tQtVSmrfDxE7SVshxjIjDLdF-W1WqaGnuoVCnKtPVKMAUH4NiB_GfAKHxSFEoPDmoEZEVOCZszVwUjb7mrgehgT2zl7iKCjohg4Ju0x_Fpcpax_GXr5x24Z29LVVKuTLUFkLmiiKXZyWeeq_QlRvVIXFiUG2vK7GBw79q16Q-5wC6O2HJuPbCbpiXFjT0XdIklaM5CGlD0av60w-TubCexemLwdKQXoObgO4FcyRj6njN7Mm9zYpRWRLjohmHy-Z2H9BWGm3VynzwNrITXLMWx1-yujcfesunOkhNhGAXXmVHoFEY4SlwXmic27ewtyfWFb_TC3bGUkj9s_Kvw29mExd2oimaYTemSczIT1jLbolIOVZxNPXE_aFHEk_laS1OADjzhkL9QlVJg8JwmIRp98kpIZJwssKoOheLkLtUZAiqbN-lhvMbXmLc27f0Rv0GtBmddlbVSwuy3uOHQXKMZyb-RpcBmechEhVWSesb-SU7RxZ0x_Weriz_AwvGTxB49cIeA&sai=AMfl-YQo6RPznf_cu9Sgc5PXSMZHId9mezX_wpk0H7pyXV3ll1oV3j8usFhTS_p0JmrMCV_1USP_C4oK1ypJAY_PdAgmTmgrO3f63MNC1-iMrmnX3yIO9158jVIG4b2mPlMPaAf-v-Jd2sKNQ02Imq2sxcfMd8ATz5tZYNzaO9VIvXaesOIe5KVZ&sig=Cg0ArKJSzCLNwA8wORSoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=831&vt=11&dtpt=541&dett=3&cstd=287&cisv=r20220914.98795&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame F442
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnTEJk8qROnyk_VU1iXUJ1zxeJ27pLiS6MwXlbaAhOBwQCG0HhndLfdHf1aJLhh5-P2P3lTlmuapg_Bgm786cOL9aYnk0ACNeHMmrOVPHzMKrMXgHXjRxW-_Jrq92yqV0uZ7PiPkcrL1NlzzqCC1R0NK0qyIzWYQAnoGneEJSgcTVv9RaabeZLbwvKltwS3J7QyirwQzJWGfoZsuub4OVYYbq52-Z9rI2jYSKrG3fPPLV6PmjiwR0cecJYs4RJJlrHbiafzL9kH70SF3Ugz-ilmeGSabjhkEZKUIm5JkQQA11XS823Gi-zQj8HR30ykb0EIFuD_-8JKq9pK9p4G7wFsoFXhDVqGYXOUveYuNXDgTcBsOQrgNbHINc3uBq_ri0rB58VD4qNYlov6cwAjxjkgtymtWftsSe3LFoaAHTH5PLyTrnBWpLhIEaEXoOSImK9nZJcw3kg4T37C1ju3CjZ9-WX5e0gZVJHL9YO5pAcRReHlfR6n-wUrRDoiJAxaj74hmbBOUH0hTLd5dLVESjSGcONcdrajaYT6tbvL9-uAP68KEURVJJQRZfrJ9CzxwsSdkFFvOoxCa38Xi1UjFEE1pdICwodHzzoAAOKQxCV2zDV3LmDk4Xf98QHU8X8kwNKN96Jb8oK_bLBJqihziM44tTChlTe0TUNqYeGfOkDQPcCG8Mrl_PFI9SArso2-gKGbtGiGyVhIliTKnX9e795CuDSXSt3iqr5EPOAg0a34le0umvD3SGV-qT9BoP8DeEKylRY6P3vCOqAmAXl3uvvmdPznlMRHlR-t8YuPyho-vg_s7If6yW2NGFBlsGT5R5h3H6srl1ism_9IcszE469Z9WBCsPxUEBqsOulAb3OVxAWJW5-btFGkViCObqO1GuHaFqkV6htmJ01Z2d_s4J5eVALukvGHgCmO1tlFJliOaqTuUUY70gducppTnpHHtViUMh58ksZjH9UOKDnwRaRtxtRhrCu5_IApiTxGPzrIZZqCMRZH_HR-F_O4yi0Ueqor2teHOO05zDeKU51gPUxTlessR8kAldW_0fRMj4gkY-TiK93yRr_jAqP2aR6MpElNMxVELvlP65Mh0qKUXdKCZQwAEGr5Qt4GjowYwrv_hF8hLkQaIoGXMiAC-_8oQn63Rus1A42vB6q8FCplTpzVpMD7qv_8dCwed2br-kiF4dCDBr2xlMcXCcE3qXegem_2KCkJkkPABvF21KlCVArKwYY154L3Rb-tW998WgW5oqvW0UIINuzCOHg8vwzbAhwTg&sai=AMfl-YSB4_K-dKE1tTbFbjyzpODJOMFWIMLW6gw6iZ-pk3XtesqNdELAa3N70iAbVd0MQxrzZFZ1dClr5BTa-CW2GvPV5ZNTpelJRYl3SuY-KE0a-nTfzNOVGE5dWokSlG2TG7x80uF7gWPyKYL-iEk-onP9RkwnrPYtsGZaim9YQewLC5DVF2RQ&sig=Cg0ArKJSzI71-24RE61OEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=543&dett=3&cstd=273&cisv=r20220914.91251&adurl=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 48A3
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f882b91884d56eb2ed330cd73ab06f2560a49faeae0d1eaacb52b2a6c538036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11257
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297845/ Frame 48A3
13 KB
13 KB
Image
General
Full URL
https://file.adpartner.pro/2297/2297845/background_empty.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297845/zdorovia.com.ua_160x600_br1.html?content_width=980px&background_size=1710.5454545454545&top_padding=0&side_width=310&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297845%2Fbackground_empty.jpg&unit_num=1550_1214764331083829&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1550%2F2297845%2F5da022c4-834d-47d9-995b-c38a3c734f90%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjYzMzA0MzM1LCJzaG93X2lkIjoiNWRhMDIyYzQtODM0ZC00N2Q5LTk5NWItYzM4YTNjNzM0ZjkwIiwiYWRfdW5pdF9pZCI6MTU1MCwicnVsZV9pZCI6MjA5OTYzLCJhZF9pZCI6MjI5Nzg0NSwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiZmExY2Y5NmQtYzFiZS00MGQ0LTg5MjAtODA2OWFkMDg0ZjIyIiwicmVnaW9uX2lkIjo4Niwic3ViX3JlZ2lvbl9pZCI6MCwiY2l0eV9pZCI6MCwiaXNfcmVmcmVzaCI6ZmFsc2V9%26hash%3D3f99791fabf2ef55bee6a29f3f2178a0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
last-modified
Fri, 03 Dec 2021 11:35:48 GMT
server
nginx
etag
"61aa0114-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
sodar
pagead2.googlesyndication.com/pagead/ Frame 0153
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=1509434242826946&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

truncated
/ Frame C418
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b1fbb863d343993c75af940f2054e27dba27ba0293943c3d33ae4a4297a861b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15099
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3095
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7493
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7405
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3639
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1131
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:00 GMT
x-content-type-options
nosniff
age
159238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 08:45:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1131
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:10:25 GMT
x-content-type-options
nosniff
age
118113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 20:10:25 GMT
truncated
/ Frame F442
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b9df9d28062db318d46ecc5de1428fc3e0aa94fbe5ac8753385ffb187904ed8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
15 KB
15 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15099
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3095
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7493
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7405
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:35 GMT
x-content-type-options
nosniff
age
221063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3639
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:35 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4DB1
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 08:45:00 GMT
x-content-type-options
nosniff
age
159238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 08:45:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4DB1
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:10:25 GMT
x-content-type-options
nosniff
age
118113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 20:10:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2415
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl540kQIkY_7IEtfmgQfmvZ_4AQAAAAA4AeAEAg&bg=!bW6lbirNAAZqQh0mSkI7ACkAdvg8WsYJaN78MoT-0FQeQi6eliA1XOVQlla_M74X2jIkuAdGmkMyIwIAAAFcUgAAAAFoAQcKAA5dzIOY_Gj921HfjH-n35kDD9NNaICDhiO4U0zv7uJbmRRgxWW_1_EE6Ro3yqTSwLMtY8k9Xy7v_h494s7TOKaCLJG_yAprhTWkyxxbt17ijBovrUDzu4DPHcjOyCdz--oiR9Z5z27Uhq1jWUJwtTDKLeUs7TyV9WR5ECpO8kYRFMErSkjg46vHhlxkRwiFivL3ck2ZeV9yGxPpwd9nghJtjFBBRZ7Lykv6Igy-HHvzTOND8HkuX_BPF8_dTa6vwO2jVTFiVxXAAfH-3cHcyEQXSlu5jIfsy629Noo2pv92gzF8jB3cUFEuhX381O-UKfEC6Xp7gabDj_TuaF6hknrD1bhUEf8acPEyNXpQzAEpvwGLZQc2lz73fcweg7nlOjq9L7EAvbE34xbQjvXYhrWZKwVE3Ehxn2_oowc3v0f9LrSjcub_lFTSF5tfg6FWDF-FFcd-PQoYyv95GtYfEW9g5FtfCICzDYVjtE8Ndi67PKXUrFS-8HX8krLO14QFPtEu4odyMpq7X0-Sqe8-8I8c6l0tBC8b0ub7-4XzU6H_fiYg_fJi0I9SmI192dSlj77IXATcEClqPMFj62UWpAPyEirVkhHg3_noc8xvX6YQYiMnoO79fE9nvHYmg7AhxYB8c2Ygjiv9XQuq36e6hIcNdFGwQ1VTD6JUsWD9ihyvZI7Z1AudAN0ha0ahFtFWjvjriALpcXzRmJcqwBFrVYR8DQdtZ0Eea2Ni3KEWub7hf0LP52CM1oA-KSclvTbY4zVKfWC24jWPh1_K7-M_gpfOvZa4eUDHdaK3jjnAQic0ZzGieP0pK47RZB8xdSFkC6JHKrSuP4CPiUDVFDXbqB8OPspUFKdhRTDKepk_Zd8La3z5-INrlnHx-ilGMUSEBPNvcmUoykNjJzquLbWsHRm0pn3jK2fK0auYJrrlnM75WAfXOXrDXOuC73tKa-o9g8hu2WIVSytYjjRZjARvh4rWDhTaksehsPTGsWelIu7wDdAy55V-1Fv7cKa4fc7A-RqyZo1LxqHk385tsVYvLofwQ8owA3uXP4b-0mzbpc5Ljw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 36E9
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7AB4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2936807560043403&bg=!VlWlVRHNAAZqQh0mSkI7ACkAdvg8WlvHYlsoYca3_hPS5nEgfvLvd1x-LGC9jdQ_TXuByCwTbQqoOQIAAAGhUgAAAAFoAQeZAroo9ua6XFPW3NANltF6YailhJmm5d-FVC4aehZytja2q_QAB1L4W09Xvh-HjPA7Vd1j2aCY7eTNfNi4CK9KbDlB5-NjPa09cwgn4ebVVKZ2gTL0BZCy4HLXXPQh5gd3e_9mVm499x9AnljaGVnCnDcgGz8YUNJ4t0GofNu9kuXvIyNCjATBs-mvXoGXq_X6ZNwSb_QnXBtd0BkkZdGKqLHsqj7aDXQcFaJZZ3cUKctKbgoPhFTYyWi0VT8UUIZI1ntdBVV81QqCX3U5dkkFZPlB23wRNffwDF_q_8tHvBFp3r6O9_lGxVS_teW5wxeSJRjBHvNVVTvzZKFjho0DL87lg3ZNmwGen4Y0DOaZa5Ga2iuUOfcOogGh5yjKbN4EUZREjaHUut1tB3x9zr6IhH_N5GNBK8RpXNqE26GbYUCKvYOPEZ0N-zSFUXgaGYgKkDwJt2rC1lIAiWpcQQ3l1brqyVt-BWWEmj1n2BgSANmOkJKC0N5JLhciElS3xsYmoZbSdugfF2v8-nwQ8_tUN1pX8x5m1fwI6MOyCmC3RVaLHz3EE-BBJLj_PiTXHdql-jjFaURB64C3Wd3KYClIiYtpwicI3dly0OEKq3yfyfosmlBC5pWI9GgjzH8bIRFQNYIY_sbaQJz0EJemXBKgOP67tpJzbHAjZ0LoziZcC7SUM98D20v-LQ3hty38pXqgHDkuxgqVhbsHMRNO4fUPpQj01aycuCCPcABokWjge1OHUO0INMTkcqAvH8y5kPHnnPpbt6SwDVAIwwyHHJ4CWLBtoX9uATH4jCpfwOn0Yv5FOpLqrseW3pmDGcQoZ70idKVK6paaSRziDGCXcKoOcYE-UTxvez6r8sOOkjKCvQbWRuEgnIjAHBJeTr_HTPpy1xE0hNfYi5Uj2_u8KLp36eCoTEXQAXmm5i3yXg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 580B
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-i-9Tw
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B8F1
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=2200721137496599&bg=!BAelB0PNAAZqQh0mSkI7ACkAdvg8WmeVTt1cWp0ehw4rej7nk5Ilzp9OgPMkDtAuqFxrvKbNGvZO8gIAAAGBUgAAAAFoAQcKAEtmTP2bHSEL6RFdScSIcyhGdOssTd5cnBgmru80apV52QJlDUvpJ4OeH8SK_eLxuMFqO8dyIHDXono9MjnOkfNDASr-opS9QwLPEzaZAr7VtWqvj_qJ1TkvvYbisXj6Q8ads4QQHD2-f9u6Mx1-gvBg4htacUY714GDtzJRsufXxui_mlNPreTUAD5aE0jr-P53BdXbPROeHpTgHoX6IoHqbEsa1RCtd9_D1FOSNccqfwlY48vF-zIJ1Kf7pzagPlKNpl9XD6-sx3ZCP3troCDz39lDp2UvcgpFFumXlcJEJ8G4lbxin3ZcQzxJhIjTjqiHrNEfmdBWJxXFvI-II7oSkQYx8qHRybH15HqvG9FnEtEcLUcIFQXH3G1cwnBjS9XQ9YjHvzI0WvkKnbccbYXSdvDk5gNJx-nxydJM0Z6xLIb5K_wVadDwM8oYHSp0YVVYFHMwdTNEHt4rx_N37S9N-Mbmt2Uo7NZF2-v86Vf9YsJN-WKi5We_W_vjj13lMac-f4PC5JIDgTHMB80eh--k5keR08dhEJoJ-Y9A70HoRxzFMJI2wdxX_BdIvVg0U-Td8jPv6BHYJc0VtkpF7o_GvLebQ6wD1YcbVZuiDqoIwobArHJzxgjtEtzmTI1VmKPepZYTcp46eVKVMFaVlhd1ccSnV0qQ4KZtdRVwakYsy6Lb3EJLrS1rCKW1lt2DBNaLJZoJHcTPVtUZHY0ZE_i2XoyeLtgP807KrvVtPj8goY2aFidOBUa-wG3w9Aon2cmtVKLXRzSANZol6X_baUPUcS36mDd3HvW2OJhg5VZC6j-LCPvFHuj1RVDHCFIVPQX2zgiNi0Imkna1G-D5AIQYnvlwDNoASEA4MCJtgYhSQSEwv2gvDsysPSUSEQNB9_mvJ9UgO5gKvBl5JhdUG4ZAIDUi0jqdfzNmtLoHlT5fBKPsJIgg04UYgxME5HBM7toqZVogQrHWwwH3crzzuqyOnw2WiPcAY7XTgcEL0NwQVoKjmV81R7LPsF3hjkQCUGbf3IaOjCRXB6TenAY
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://zdorovia.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame F888
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
iframe_api
www.youtube.com/ Frame D08C
992 B
516 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/js/youtubeApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4233d382a13f75eca9f55dbce03b0cc519d92dc9f809cd39621f028071fdfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 16 Sep 2022 04:58:58 GMT
63009_20220829030421850_background_728x90_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D08C
22 KB
22 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220829030421850_background_728x90_1.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1488d5f04affaf2faef15fe3b96a8828ee41aa3df4e5928f8dac13f315c6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:30:05 GMT
x-content-type-options
nosniff
age
1733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22417
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:04:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 04:30:05 GMT
63009_20220829030427060_background_728x90_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D08C
22 KB
22 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220829030427060_background_728x90_2.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1488d5f04affaf2faef15fe3b96a8828ee41aa3df4e5928f8dac13f315c6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:30:05 GMT
x-content-type-options
nosniff
age
1733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22417
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:04:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 04:30:05 GMT
63009_20220829030430398_background_728x90_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame D08C
22 KB
22 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220829030430398_background_728x90_3.jpg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1488d5f04affaf2faef15fe3b96a8828ee41aa3df4e5928f8dac13f315c6d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:30:05 GMT
x-content-type-options
nosniff
age
1733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22417
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:04:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Sep 2022 04:30:05 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/8757864584733261824/assets/fonts/ Frame D08C
80 KB
80 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81884
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/8757864584733261824/assets/fonts/ Frame D08C
81 KB
81 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/fonts/GothamNarrow-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82744
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
flecha.png
s0.2mdn.net/sadbundle/8757864584733261824/assets/images/ Frame D08C
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/8757864584733261824/assets/images/flecha.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8757864584733261824/creative.html?e=69&leftOffset=0&topOffset=0&c=UJ7f31Y59W&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 12:51:32 GMT
x-content-type-options
nosniff
age
58046
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 11:49:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 12:51:32 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 74DC
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/fonts/ Frame 9268
80 KB
80 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:16 GMT
x-content-type-options
nosniff
age
43362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81884
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:16 GMT
GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/fonts/ Frame 9268
81 KB
81 KB
Font
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/fonts/GothamNarrow-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:09:04 GMT
x-content-type-options
nosniff
age
244194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82744
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 09:09:04 GMT
flecha.png
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/ Frame 9268
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/flecha.png
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:16 GMT
x-content-type-options
nosniff
age
43362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 48A3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31069575
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 16 Sep 2022 04:58:58 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84B6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEbT62SeHUFWqCqmE-8cIwOE6Js0L8m7hvCG-T3gHF7-nX5BNQJdYSKRP0A_4PAxO_xGa-LLWrigu134N2ZBSUq-ng6-icNWTLLScRTJLUKIixgtV7rhJR70h4v_mwQIVoljW9VQ&sai=AMfl-YRCoB0BzJnLHEI1G0WvTID-eaM789khNGiE6DxEhXaBj3giJypXJDq8KLFcONUJRKM3yx_vurgPWD429oBfLNONcgH7H5Z_O8A&sig=Cg0ArKJSzLoTmyukIZyOEAE&cid=CAASEuRoKlAZCmU6yRR3t-M-TCSWjA&id=lidar2&mcvt=1036&p=0,0,200,200&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=132049923&rs=2&la=0&cr=0&vs=4&r=v&rst=1663304337127&rpt=410&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CBF
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN6zFkQIkY-iLGaWwx_APkL2esAoAAAAAOAHgBAI&bg=!5uWl5aHNAAZqQh0mSkI7ACkAdvg8WgAmvRdi7VvPUojDKEyD3NTH4fieW8zCdTFDoURskwDiWyzUGAIAAAFlUgAAAAFoAQeZAt-hWtSpQZH8Ut_3jujZ3I1u7wu2NL7X5SzJlPiWMOUHE7rKhVTl0F8M5Dl2QXEb_fwPXLw-ouSsnRULOF7ZVUVJdejZI8zKOIrJ9dBVEK99bAIzVoo22mcocbaLLEVigNSAJALJ5R5H6wIZmYk0pZKYJp4OaDIe_wSZQwTGgZOwhkxzmti8Sq1ZtrIQRDV2DIo5-J_xBU2o5C8hSsiYD9uWhOSQ1rCKZOuj6oC8ogc83oiZLSWqDEK6CFhA7OpUebq-igWENjl7q1mR773hTmoJPWXQVv6o_bmtRrfHn9fRCPtqQiygYow788Mdq5VWWaybkDaK17HXP_24kWkovcRlTRq0iN_mrlnS0SwYEtkdtuoEzol85uO5MHMVo3z4sORUjuFprzYZoYYFZzRzhno43snUnkeZLFIix_9VyVrKYCBknd28HpBAAqkrwsVJqQ1cBz95DTJ3j1jJMaQAfYJmVMjcGKJxi3NvAuFc6yT-7yJQNYwKCvzGJKxhq_dqq2EpSMBJTizhM933iMQmXPGmGFzbITpTsJf5v5TbU3Qx0pCndAmW3ZnnlESVey5VdGJt6Cm7TupOP7Zf5_QOEF_YxOqpRiulsrbo92exf5AS5zLUUg6GCADIIxsPuuROY_wusCu6O0cwnjvWiV-kmvz5ig6nWz6UK53hb9rmQNVbj30iJIzWx3ked2i_JKZAHwWz9ATRkAbVJZMILiAmovcEC_GRntvTla-sFEbGZp0qQEMnb2Z35UnrTv-ici8QJU705JaM2Zw8tEhgsI-U_JFJAQcFy3_EhG8FMsYkJbS5Bv3-VMRUt_t3A4yh3Znh4W-NjL-CNz7eUdUPXrkOMyIAX3iCxWth8MrMEe07LdKdqo4iOrYtAadjoqkQXnaVGH5TJSk3Hx5zaanEZFMQW9y3ZQ8iYzrZkWKuqMtJoMsiah6LUBJb66BEoXtPCOCqR2zhW09nNgBT6UIucwjVg68
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0945
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByFd_kQIkY_7TGbGwx_AP2pSq8AEAAAAAOAHgBAI&bg=!d3SldDDNAAZqQh0mSkI7ACkAdvg8WrYhreropuw4Z7PfkQTvnuVCNNGeocD1QFWnDE1lCQfsWSojGgIAAAFPUgAAAAJoAQeZAt51mZOD4QxGj_KqwRKQ8ym8BTNXPqMqqdC2aZBMGZxJ8AsKBCe7ERYHxfxPzFzat5qKpSTKZ5EqS6CbxOhXyKwXSe0dDpdEUR5v9P6tvUHF9cyKWSgNjky56NzVYZkCQPvoAliTW1_gNPtQOpZ8ywvvCvEM9sGp3IoQ4W__aIJDskT34m_fq6E8A2l3iGI_DIDXWwyFndEHHedTYRJDohiVCP1Ug4cD5HMV4FH8RlyuXBEOPtNtuU7NE7eK8nqtLkhzGE_IrqZhhdEf5o_a9xmifZf9H66Bgumoev_mqFWlN5iL95qciH9mDQJWSRkySVSug7Yp5tC7dYOPLx63c1z8tzwAhpMU_eSlpUWXXffpQKW_qbnej9wc5W373ca4dZ-fN7nJ-G4ZL66EvLL8j505iBCs1io8H5guZgvlqtExaZraZGQGNlukNL7u8H05glUk8Ix3cCtCRVfxk3nIfdpXpex7wSzHRuc0ppd2xOawSPNjjMcUxUi_IY-rzA7YhRrtu3XIMwJf6ucFhwKgPPWrQwFPjF4gDareXX5iogr023gqMCph0bhJHgR2U1nUNWT_y9PCTeTtTfNDcSZ-3-Ykfx66s1jj95-RjFSV_W9aC2Lp3GMJPk-ZzUSQ0ns0Z3q9LKPoy970T9PZ4RFrhS4bJBDJ-buIMTP78Ec7fL5wTG3oy2fObuRegjI3NRCzu4qUEjdpNLRnk6ZINp4_iI176KDAhekok6xjXIaq7WKBnxyvtozvvGFcAfmpUtGpVeOMIrH645mYbyDJ9vxwbWa0zR5-vHjP7tYIOjXTTtRIsYLHdqz9J8bzb4oeRcOhv5yrl5quzSzyhE4HiUAyapZb11s58lsUxQ3M_2h2Jfmky0FNq7S3XM4OzWHXhax9M1SXx0nb_1vFawftzv0GytyQQJzBX98M-R64K2Kq3oV_o20uDty1cVlqo0QVKTvEGwgmSmteQVqLMCz9CxJdLg
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/f6383696/www-widgetapi.vflset/ Frame D08C
161 KB
52 KB
Script
General
Full URL
https://www.youtube.com/s/player/f6383696/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
3090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53518
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 00:18:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 16 Sep 2023 04:07:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7676
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
29574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 20:46:04 GMT
expires
Fri, 15 Sep 2023 20:46:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A663
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2446a5c0c3b7d51ba936ccf65b620542bc8b282ccaea304a2ad1efaa4b7ea88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y5aNcVO37ydufRsYxeKgHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-y5aNcVO37ydufRsYxeKgHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 04:58:58 GMT
expires
Fri, 16 Sep 2022 04:58:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 9D20
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_M6-vEY741Er2_4fZYAvIIDsBD7L3XMDzf3urqtvl9kqMqkOQcymrMJzBN1i4fgMaQhxx8PljtL378C7fpjtVpNK1N3DQ8A4bGqjYDnSfsi51OJ4JpTLSlOosldkW1ofo0n1X7w&sai=AMfl-YTHHJvOFI42I_E88wSc8AxbJkpA1Q0MvBdDbw2k61VcBt-WhDZWA3UerdpWoj_aH5D7ajkBMJ-_o_ZdYTMpAE3VC1AvxGQvFGQ&sig=Cg0ArKJSzEgwGxpjlndNEAE&cid=CAASEuRoDYTQBczhhnfgOYAi467z3g&id=lidar2&mcvt=1016&p=0,0,90,728&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3481491427&rs=2&la=0&cr=0&vs=4&r=v&rst=1663304336768&rpt=932&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 36E9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OmItTQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A663
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=1815264941557681&rc=
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 7676
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:18:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:18:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 7676
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?bG-ioQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:58:59 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=dbg&cor=10072556989674425280&x=1&ct=76&dl=2&ds=1
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 568B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=3083802158083473&bg=!NjWlNXHNAAZqQh0mSkI7ACkAdvg8WuzOr1eicglJqfc3kd7TVExPSlPIfJAzEceMWC6LyS8B7aOUdwIAAAEyUgAAAAJoAQeZAt5pIpnj1VsjXTqolcl-99lk-xcBOX1NnHLg7hGnI37ugyTSZbVq_8BKVQkQmLLIDaYtO3C0mAUYS4AUo5iKbm0UKzq8k2FSMp2RkQZKjJQ1Bfd_GT__slqy3upM42hmkZZSgXLRRRddTwN0zydY995cOd-FVB3_UCGf1yynx73V9o48dOOA-l21aYBGimmIo0_N6ir_9BfYZNeTfG5tNFw799ONfNNgMkdZxOsC-D-9OhwZAw9eMCnJVw-ZjuAmcB5VjPcspIgLXugBXhDn2gLlwXnEWrdGrmylML9qkrdrUy8E54xGi7JZssqPE2nfl78VnroCajJPFLFiPIl1FYVLvIwbY_EqwGTbSLG0UoAR-TjyhyHBresgv5L8f_aZlgpt1LRcx4C1jhWl920VtfPgBt8Mz50OvJW13MqznQ9MYdJDzSzQzA3YKv8myi-K73VkKo0WMuoTKpKPhBBCcUrpuiuyzrGva-xY7yTQg2D5HcE1ybmdpQ7V8VvEv37PIbtf--LvIA9u4Q8ozUzd3e84LQ07JsdcRzih38dd-F1Sj3Z7dt9PJ-B7f5qXCynjXxecZk1F5Kap235T7VP7u3qXWKFqCn9y4eTqfamEw0AEvyeFsrJyo-_Ks6q2ajlS3elhZM7eEnfWo6R0z5zZB3r7tEPXPdFpaJ9dyhQDewZCYMwSFdE6FHwpB7GelisnsvvTmURrimtJ-IpgSr6mupwpvC6MwDGvKg6vNqDNVIx4W7vaU_KyGcvsGjpdoCIrgOl6VzCor-5bJHrbJTcs1EoL9FWrE4FbmPf6oI7TfZhfn1a6oxCbGwXGoPD5xvc53KY_Zh0sY96orm-QXXAbBrJu68eiOR_m2ZttDvKDgkG_jdLITAZqARksYDVsGP2glVxXHVBfX1gEVhIQNrrKYActNFak39R9Rm-hicA3ZblQJPdkGRVqRdGtQKCTk3NXi538WEUuXya1gcrznUW6KQ
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame A8B7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=1509434242826946&bg=!rq2lrenNAAZqQh0mSkI7ACkAdvg8WliNaoFWl_myHVjRPEz227uYGeE3lHe4NocB_j0qSxKaCLFsGwIAAADYUgAAAANoAQcKAFIHDT18zgGIXhHKD5mmu9Wj6LuN43s9xV8fTirZdCGgT1-ctM01eBwoPcAe39Ych-G4ZlPhXU91oVtTKNztdnOQOMEuYHzfDgosnrYVEBlwRNL0mQLVnEme4WR9SEDXuJR3b5vTxmPU6qxrCk-R_xAOblSkyXWtDy1_vc-2bqNf9a79_y3_SSAiUdF3JT2spwI3fNEpZDGxiIuNOC5jvEXeDzytg8oWrhreOE6_5qJ5Hg_sdcqJ0nFLP02q_ay9a1civ2pDMHVsmD6vxT_UgxTXkoK5NNpoXwzh9dWwzaH2NqevSLXbkN8DNok-_mNpIeyNyaFzYBwAhUtGQjUn_ZIxKIx2MUcWbdEtgEK01rTC90VT9ZXj28iHnxFEJ8zstHUbPo8bPwhkb81WaxlV2Hda0AvZN9d6bM9XG6wkMx7mEUinZ4-w4O1nslq7CkteWW8XQlHVNob23NGB_GGLhkWI1ZgzY_P76wEF83GTGvx6QI3wVPpMjv2k24nWwldIOOmEMTmPlCmHCkJhD4DkbeceDNFkNGDjbFGfVyg0duZsG-HcvkJHmywnk0CCh2skiTqRlMk-AJUfSjVri2IXlqIwDvNkeDZKznpi7OggNoKIJCwB2FEEoyZUwP8Wx96z5ujNzU0HuxVxVjFiCbgc070b3ugixCcxP0aoplsElP5RYPzTi5LMD2DNJR_vWISLSUYeO0rroCounMIs6O7xSiYuWksK04jglNBYecMpncJJKvjZkZ4ytPwy02Naw4xIXiOQTkHon6mp_qs4q5rUscNo6_7iHJ_7I73zThfLalZOpGUKt49-OMnTx-6umMPmVS0VH-ayyP6xfzKB6LvKd0Hm1jj_4LDFpgVmzklCo9I-5_WZY18qgY6xPB0kV0qEQ3snv9wxuavoiibz-BtaE5J-8-z19fJf3d8wp0OXfCe9BC0JOlke2cG13bL7jgrz9319IkIOxc0mtrWi5pQQHTOaZB1f-xRvI0Cwd6begHpZQAD6x_Syl3mI6FaZMD4gd_PfTOtbXKe0FIEyaFlAVXvU3aX2sDTQBjw1hX7GZ6ucVBc2X6BgLM_c70I
Requested by
Host: zdorovia.com.ua
URL: http://zdorovia.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 84B6
0
22 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4352084463851&version=m202207220101&ct=76&x=1&cor=10072556989674424000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F442
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlxncFFdI8z_P882QzUWLB-SyuRwJ3ZS5HBEwfa2U6fdmqlTUiQZ9nWoOI-vEiEMLzSRh1OHE8IwVlBrSNFnCz2Eb0TLjttsN_EGKPAkhtDWAf4S5FiUw-cbyGj_S2XuNlV0H_OQ&sai=AMfl-YRtpZKQTFxjUhZUX5SHtBCevIO20OizXqoB4lXEVTzZQdnioByTIsjvcPrnQP8rg7F2uFyd7xhN62UazqjSr9sYodQbrflKNxk&sig=Cg0ArKJSzMyOEb4PivxjEAE&cid=CAASEuRoDSBBABlSOfLlCltlAVu2fg&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1974494150&rs=2&la=0&cr=0&vs=4&r=v&rst=1663304337080&rpt=715&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C418
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTB5-FrzAz9pguAM3CXM-5lR9UCak1FbD6mtM8N77K2VFaBkGqQYvYA6CsLRtSr_oc6QRSPL2psBFcCC1dKru3rQqfsDBjSrHIz3IPRo9CRFVRR6amQ-NUy-nclnX92BgNPOPpOw&sai=AMfl-YRVfxfxVI_ENO3apg_2MR0mb0yh4dmBnnx8MthzgiMtuxsf-YZlr3-Tx3AdlRnczVWQ7_s9B3uVRxzEmEhbBOsZouNbhqNyaVY&sig=Cg0ArKJSzCaeGjho_oD0EAE&cid=CAASEuRoau1IsrAIdrlowCbTMsoeDg&id=lidar2&mcvt=1006&p=0,0,600,160&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1620915178&rs=2&la=0&cr=0&vs=4&r=v&rst=1663304337071&rpt=681&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 04:58:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 48A3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=1815264941557681&bg=!ISKlImbNAAZqQh0mSkI7ACkAdvg8WrerY-nfkDsR926zmy-X1_9bT9Ff-ZbwUF-oVJmoUUGXV1bduAIAAAC8UgAAAAtoAQcKAGgN0uMZjPdmjnk-7lSt5_k2ORcIQ9pUxsu6bnYLaOq0zaZZIKcc6ywp-qBc2DK8JhPrOxCr1TkH8h9V93IVQaYMYeNf2Z7wLVbau-vfkU1u80Fec6LagzKmepwxhvDHTEIbp_IuaxytEpkCxQtatcDwDzlMQnKosvNyOzSb6pXm1ev-xgQuxm9C3n0nZdjxnpkF3WxUWIfmqzQnv-Ft9oKYgkEz9bY3HimXwW9lSpDLCfxaYk2feJ6UwRvKGFX6OWRSCylX3eFKjibu-4Y2A_cbbnRUsSKhib3Dzg7AALCIOJ76DBJlxlSdMv9HaaqaQawaPyLlzGgxbdoJIqNpgfsom8HNGKMBWG9sc1KUgvX3rFbSaFmzDjb9J668tuXx2JXq2xI-cf-_9Jew6eJ5B4Cq8WYPNQRZNVTlsyT5o8W0Ti2Zu4mJ_Gh-LldIFOUwzu6P4nc62W0XCSty7I_bTpO2zisOlCgcL-bGTbRYVbLBcZtJnAgEhrJkxGXehPhZ7gucI2lOnwAnKcvjOfomDkoTqCmFs_gkjn1XJt2bpeeVZh83oWA18Snk1hiyutTeK0x1TaAPMNcqWjtKnK2lX2S7atQRk3ugMQF0uLaNQKClGSiWo_j0-GX9NXrwMIzW7OQJ09cOSCgCA7L3gD4O1WOI0sjgUgCEpO3MJsOJUzL9-Xiijfj_SH9ORBJw4iaUHLKVv-5pAHMUC8wJ1DjKEed3sZiRDxQiAegNQLEjzhBl_mRdGS6MDPpPLAo31NNLQBfYC4MHfFbRXqY4jNCXdCdiKCw9mX9-pZ-lIqNlnk4kXP2gRZ62aXl6d4LHnaQ7Y6q-xuyKVwWQPmuLuwvER1C-nuGPNi16DZ0HeBTiMe1m1N9KjCcDrMcEG1m64_jzS9HKacyawv20nrmrLrDCKPtmuALYCKaUH9HIUpwiNcmNJ9EDwGs2dpCb1TnEVaQzT6BOrBw01UQsonFhfuQFVd7tX9RWvQgQPfcQjWmDoMNOgeme3kJAFWgmrKS_o6pVfsf4eUqnGd6Hgd_MtEuXefEYP7ekbeTIcZqDHGZ5ULFDT6XYHmBevDwv6j1jbL9BrDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

um
u-ams03.e-planning.net/ Frame 87CB
42 B
103 B
Document
General
Full URL
https://u-ams03.e-planning.net/um?dc=3ab023ac29ea5990&fi=d492d92fa9f9922a&uid=f480e52263601e65ea80c40c597af449
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3Dd492d92fa9f9922a%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.172.90.251 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
ads.us.e-plannning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 16 Sep 2022 04:59:00 GMT
server
openresty
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 01:54:15 GMT
20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:36 GMT
x-content-type-options
nosniff
age
221065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10763
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:36 GMT
undefined3n8md4
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1131
43 B
69 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:59:01 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 16 Sep 2022 04:59:01 GMT
fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 12:15:34 GMT
x-content-type-options
nosniff
age
578607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3040
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 12:15:34 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:54:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Sep 2023 01:54:15 GMT
20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:36 GMT
x-content-type-options
nosniff
age
221065
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10763
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:36 GMT
undefined3n8md4
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 4DB1
43 B
69 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 04:59:01 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 16 Sep 2022 04:59:01 GMT
fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 12:15:34 GMT
x-content-type-options
nosniff
age
578607
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3040
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 12:15:34 GMT
flecha.png
s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/ Frame 9268
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/images/flecha.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/assets/js/nhdynamic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15954870253545062400/200x200_rtbretargeting/creative.html?e=69&leftOffset=0&topOffset=0&c=AiRAL4sWGL&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:56:16 GMT
x-content-type-options
nosniff
age
43367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 15:39:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:56:16 GMT
20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:36 GMT
x-content-type-options
nosniff
age
221068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10763
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:36 GMT
fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1131
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 12:15:34 GMT
x-content-type-options
nosniff
age
578610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3040
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 12:15:34 GMT
20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
11 KB
11 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 15:34:36 GMT
x-content-type-options
nosniff
age
221068
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10763
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 15:34:36 GMT
fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 4DB1
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 12:15:34 GMT
x-content-type-options
nosniff
age
578610
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3040
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 13:49:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Sep 2023 12:15:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIH1ErjPIS1FiwSl_0DEw4E&google_cver=1&google_push=AZmPxg-dt_9oi7ef-86qMyAj1xH6fJmc33LRkF6Lpx4rgk6DHez8Fj3j9WufNBUtyZrrU8O_cHO3RUVCNB09ODvqUeEFUb_rrZY
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIH1ErjPIS1FiwSl_0DEw4E&google_cver=1&google_push=AZmPxg8LndOZt6XfKrgheHfqW5bLJnWDxLV08UwdiYYUdq6Frxfj7Ntq3VrRdGpAW7MWBgP9fawzCpAyBTI40r0UBORYEZtn57Ht

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation undefined| returnExports function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| Youtube function| $ function| jQuery object| ddmenu function| setEqualHeight function| setCookie function| getCookie function| deleteCookie function| contentBorder function| validate function| json_encode function| toggleSpoiler function| addcat function| ShowOrHide function| DoDiv function| check_uncheck_all function| showpreview function| insertext function| insertimage function| quote function| confirmit function| emailCheck function| in_array function| center_div function| sack object| admixerVast object| globalAmlAds object| head object| script object| _gaq string| iS object| iD object| iP string| iR string| iT string| iH number| iI number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hb_dmx_res object| _gat object| gaGlobal object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding function| adpartnerBranding function| html2canvas function| _open object| banner1550_1214764331083829 object| google_reactive_ads_global_state object| ap_br_img number| k object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

119 Cookies

Domain/Path Name / Value
.admixer.net/bs Name: am-uid
Value: 03337a22247c447183df7f77147c217e
.zdorovia.com.ua/ Name: ngTrackID
Value: a92bba8fca5440bc1d15c6cb8fca439d
.zdorovia.com.ua/ Name: PHPSESSID
Value: ipdli1mavsi2nbv5g6o8m3n9t1
zdorovia.com.ua/ Name: b
Value: b
zdorovia.com.ua/ Name:
Value: store.test
.youtube.com/ Name: YSC
Value: DD1dFeaeop0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: llsZtw8_53Q
.zdorovia.com.ua/ Name: __utma
Value: 148597372.821327299.1663304335.1663304335.1663304335.1
.zdorovia.com.ua/ Name: __utmc
Value: 148597372
.zdorovia.com.ua/ Name: __utmz
Value: 148597372.1663304335.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.zdorovia.com.ua/ Name: __utmt
Value: 1
.zdorovia.com.ua/ Name: __utmb
Value: 148597372.1.10.1663304335
.admixer.net/ Name: am-uid
Value: 03337a22247c447183df7f77147c217e
zdorovia.com.ua/ Name: session_id
Value: 4eb7caa5-be71-4eac-a23b-8df7aef39bad
zdorovia.com.ua/ Name: site_visited
Value: 1663390735.1
.ads.go2net.com.ua/ Name: am-uid
Value: 03337a22247c447183df7f77147c217e
.yadro.ru/ Name: FTID
Value: 1Z90AF06-HuP1Z90AF002QW7
a4p.adpartner.pro/ Name: apuid
Value: fa1cf96d-c1be-40d4-8920-8069ad084f22
.creativecdn.com/ Name: u
Value: cRF0qFsNXYCIvC4zpCnr
.creativecdn.com/ Name: ts
Value: 1663304335
a4p.adpartner.pro/ Name: apudmg
Value: 1
zdorovia.com.ua/ Name: lapuid
Value: fa1cf96d-c1be-40d4-8920-8069ad084f22
.adnxs.com/ Name: uuid2
Value: 2005152939204637518
ads.us.e-planning.net/ Name: CT
Value: 1
.yadro.ru/ Name: VID
Value: 0Iapfh3CueeP1Z90AF002QXc
.e-planning.net/ Name: E
Value: AFybZRbaGnUbfu8Z
.csync.loopme.me/ Name: viewer_token
Value: fd785e3b-bc6f-4be1-93d0-097caab5bc15
.openx.net/ Name: i
Value: 31d7da4f-f376-415d-bbf2-3096fdbf5ac6|1663304335
.zeotap.com/ Name: zc
Value: 3cd7add8-7ce3-4ca5-5db0-814ca885a5de
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: b29245f0-daff-5203-9cb5-4042ff9142cd
.betweendigital.com/ Name: ss
Value: 1
.casalemedia.com/ Name: CMPRO
Value: 1195
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3655a1a1-79f9-470d-9482-f6412bba2c43-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.bidswitch.net/ Name: tuuid
Value: e97c7c53-9d19-4c10-ba59-7467cf1ef8ab
.bidswitch.net/ Name: c
Value: 1663304335
.bidswitch.net/ Name: tuuid_lu
Value: 1663304335
.360yield.com/ Name: tuuid
Value: 20592c7d-2baa-40f9-9551-7be52e5405ac
.360yield.com/ Name: tuuid_lu
Value: 1663304335
.yahoo.com/ Name: A3
Value: d=AQABBI8CJGMCEM6EvGJOE-W0p1aS7gZkW-kFEgEBAQFUJWMtYwAAAAAA_eMAAA&S=AQAAAqmxw7J4FbUYe24jQqoTiL4
.betweendigital.com/ Name: ut
Value: YyQCjwAK9LAh-0l2_ywIAdFbHsgy23J8SVvGHw==
pa.tns-ua.com/ Name: uid
Value: ZB7106CC00F543EB981CBFE02EE4FE7C
rtb.com.ru/ Name: as-user
Value: 6324028fa62fbd543480d237
.casalemedia.com/ Name: CMPS
Value: 5145
.adtelligent.com/ Name: vmuid
Value: a9d49749090e138a
.tapad.com/ Name: TapAd_TS
Value: 1663304335821
.tapad.com/ Name: TapAd_DID
Value: 2cdf6395-8343-40e3-96d9-c143e5528f76
.adtelligent.com/ Name: a319130
Value: fd785e3b-bc6f-4be1-93d0-097caab5bc15
.adtelligent.com/ Name: a307558
Value: fa1cf96d-c1be-40d4-8920-8069ad084f22
.adtelligent.com/ Name: a297253
Value: 2005152939204637518
.adtelligent.com/ Name: a584890
Value: 2005152939204637518
.quantserve.com/ Name: mc
Value: 6324028f-e6dc6-f091d-c1db4
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.tidaltv.com/ Name: tidal_ttid
Value: 21a55135-f08b-4151-a38b-9ac08c56e507
.exchange.buzzoola.com/ Name: uuid
Value: 3d745265-13b9-42f3-746c-a0e2e426c215
.adtelligent.com/ Name: a309255
Value: dba56ad9-e36e-4d43-8aa8-386b18c3abb6
.adtelligent.com/ Name: a289656
Value: 20592c7d-2baa-40f9-9551-7be52e5405ac
.dpm.demdex.net/ Name: dpm
Value: 30466266400957595464191992609182037761
.demdex.net/ Name: demdex
Value: 30466266400957595464191992609182037761
.lemmatechnologies.com/ Name: uid
Value: 447817a9-357c-11ed-9c9a-801844df0ab8
.adx.opera.com/ Name: UID
Value: eae6fa5c29384b9bafab9fff1c230f01
.turn.com/ Name: uid
Value: 7782151775803717278
.weborama.fr/ Name: AFFICHE_W
Value: abi9u2ac9vFp81
.casalemedia.com/ Name: CMID
Value: YyQCj3Zu-EpQ-0yXkwbANAAA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjIxsjK0MAIAnvSAygkAAAA="
.doubleclick.net/ Name: IDE
Value: AHWqTUkLV59GsOxI64FjC9vUlEPRvcdCKRg_37arGXPXkUOBiZpkbeXWrB8iRvUkmIQ
.theadex.com/ Name: tis_mQL
Value: mQLeAr4z
.theadex.com/ Name: axd
Value: 4305708402797908681
.adtelligent.com/ Name: p440467
Value: 03337a22247c447183df7f77147c217e
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-06858707-d3fb-3288-81ec-fcff1cdd5618
.w55c.net/ Name: wfivefivec
Value: vw5pkCYS1Oz3ri5
.w55c.net/ Name: matchcasale
Value: 5
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.adtelligent.com/ Name: a307971
Value: AFybZRbaGnUbfu8Z
.agkn.com/ Name: ab
Value: 0001%3AmjZgl%2FZD7cfuC1RKqZJ0hOx3zAZvEneL
.krxd.net/ Name: _kuid_
Value: PFPB7yze
.richaudience.com/ Name: avcid-zeo-uid
Value: 3cd7add8-7ce3-4ca5-5db0-814ca885a5de
.console.adtarget.com.tr/ Name: vmuid
Value: c6310791a6bead55
.adfarm1.adition.com/ Name: UserID1
Value: 7143837726424168594
.fwmrm.net/ Name: _uid
Value: "e4711_7143837726415388346"
.adtelligent.com/ Name: a318342
Value: c6310791a6bead55
.zeotap.com/ Name: zsc
Value: %1E%CA%AC%29%E7%91m%8E%A9%E6%9E%F8%24%B0%5B%C2L%A5%ED%FF%CF3%87_%01%93%1D%FB%9A%1A%83%27%5Cn%03I%02%D0%CEhD%AC%A1%AA8%B6PI%8A.%E2%A6%60%97%04%0Ee%D0iS%85%BBTH%1BrLm1%FA8%92%E4%C3B%7D%0E%DE%7D%95%C4%B9+AJ%07%DB%CA%90%2C%0D%00%5C%87%F7%9C%B4%9BWz%EF%80X%D4%FE%08%A7c%DA%97%86%82%F10%2C%D2%93%1E%FB%EDm%8C%FAO%08%07%DC%07H%92F%F2Kw%5D%AF8%21G_%FCf%A9%E3B%29%FD%A9+%8E%CA%AF%AD%25%FC%A6U%144%85I%BC%F2%E5%EE%EB%E1H%FB3
zdorovia.com.ua/ Name: session_pageview
Value: 1663304337.3
.amazon-adsystem.com/ Name: ad-id
Value: A_2PjnFiq0fqkaFVN6Ew1Uc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.analytics.yahoo.com/ Name: IDSYNC
Value: "1985~276s:175w~276s"
pool.admedo.com/ Name: tuuid
Value: b15d8276-1ccc-41d0-b053-b1bc5140311c
pool.admedo.com/ Name: c
Value: 1663304336
pool.admedo.com/ Name: tuuid_lu
Value: 1663304336
.mathtag.com/ Name: uuid
Value: 76c56324-0290-4800-b067-0a9bfa0854f1
.zdorovia.com.ua/ Name: __gads
Value: ID=78c8cd738996058f-22ef35e61ece0073:T=1663304336:RT=1663304336:S=ALNI_MaUtBh9C4KaQOV3twbC_Rt7vG-zbQ
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjGyNDYyNDA1MBXiM9Qt93OP8HcxDUsMC0oHAKTcXAQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjGyNDYyNDA1MBXiM9Qt93OP8HcxDUsMC0oHAKTcXAQlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZsbGBibGxmaWoIAJ05VVAQAAAA
prodmp.ru/ Name: rai
Value: 812d809fc846bf48306c68e7fc87888f
prodmp.ru/ Name: rai_new
Value: f62259a3638e765857db4f2dbd02a879
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7243443043593630516
.audrte.com/ Name: arcki2_ddp
Value: CAESEPykcb4Lrj98PJawEWySFTI!20220908!1663304337317
.casalemedia.com/ Name: CMTS
Value: 1144
.eyeota.net/ Name: SERVERID
Value: 17253~DM
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GUeGZdBA!@wnfH8K6pQK`!5=E<*L5?%K7Zbwv$2RHE-f2PSr5dr3?fT2$vA*$Q)OYL[m%nugO%v4VB%nl?#)[vI=
.audrte.com/ Name: arcki2_TTT
Value: 1663304337413!418s-1YRKShQTKfvIqLP1zFaw!959#1318#372#1498#1142#1194#322#771#1168#1295#724#310#634#1748#1712#880#1554#514#226#1720#1104#1187#1686#918#956#629#1205#781#1817#-1#1573#1336#563#1103#1455#-1#1842#1787#146#271#1701#262#446#1230#934#43#-1#1010#1441#1526#283#1803#15#-1#449#532#368#1558#506#464#757#1342#96#1355#1090#1473#1524#1312#1073#1283#1191#1513#8#259#1005#492#1585#1056#933#777#1293#1264#1244#234
.audrte.com/ Name: arcki2_adform
Value: 7243443043593630516!20220908!1663304337456
.yandex.ru/ Name: yuidss
Value: 1054907741663304337
.yandex.ru/ Name: yandexuid
Value: 1054907741663304337
.quantserve.com/ Name: d
Value: EDQBEAGOJ4EK_fsQ
.admixer.co.kr/ Name: __auid
Value: 7c9077c4a7852e4ab5946bc05adb1c35
.admixer.co.kr/ Name: __puid_103
Value: 03337a22247c447183df7f77147c217e
.admixer.co.kr/ Name: __id_utm
Value: 20220916
.admixer.co.kr/ Name: __id_inf_103
Value: 0_03337a22247c447183df7f77147c217e
.agkn.com/ Name: u
Value: C|0CEAAAAAAKra_EQAAAAAAAQ13AQCAAQpAAAAAAA
.aidata.io/ Name: __upin
Value: 8/ILLxxITMzNTaqphaEqEw
.aidata.io/ Name: __upints
Value: 1663304338
x01.aidata.io/ Name: mts
Value: 1
.audrte.com/ Name: arcki2
Value: 418s-1YRKShQTKfvIqLP1zFaw!20220908!1663304338401
.mts.ru/ Name: dspid
Value: 42a5ce4e-d564-45cf-8191-7b55002be835
.mts.ru/ Name: mts_id
Value: 7cb27123-8556-4aa0-8a7b-84ec636b951e
.mts.ru/ Name: mts_id_last_sync
Value: 1663304338

21 Console Messages

Source Level URL
Text
network error URL: http://zdorovia.com.ua/templates/default3/js/media.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: http://zdorovia.com.ua/(Line 850)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3De8d8fc41-c8ef-4b97-772d-4828258455d1%26reqId%3Ddc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3cd7add8-7ce3-4ca5-5db0-814ca885a5de%26reqId%3De1f19180-bfef-40b4-6f04-b6c828a83a12%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=9d12aa55d264e60e&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://tags.bluekai.com/site/87734?id=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3cd7add8-7ce3-4ca5-5db0-814ca885a5de&reqId=e1f19180-bfef-40b4-6f04-b6c828a83a12&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/87734?id=e8d8fc41-c8ef-4b97-772d-4828258455d1&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=e8d8fc41-c8ef-4b97-772d-4828258455d1&reqId=dc6a83ca-8b7f-4e10-73bc-5ae5582fd8cb&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=d492d92fa9f9922a&uid=ua-06858707-d3fb-3288-81ec-fcff1cdd5618
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js(Line 121)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIH1ErjPIS1FiwSl_0DEw4E&google_cver=1&google_push=AZmPxg-dt_9oi7ef-86qMyAj1xH6fJmc33LRkF6Lpx4rgk6DHez8Fj3j9WufNBUtyZrrU8O_cHO3RUVCNB09ODvqUeEFUb_rrZY
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIH1ErjPIS1FiwSl_0DEw4E&google_cver=1&google_push=AZmPxg8LndOZt6XfKrgheHfqW5bLJnWDxLV08UwdiYYUdq6Frxfj7Ntq3VrRdGpAW7MWBgP9fawzCpAyBTI40r0UBORYEZtn57Ht
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.betweendigital.com
ads.go2net.com.ua
ads.pubmatic.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bidswitch-eu.splicky.com
bn01.er.bemail.it
c.bigmir.net
casale-match.dotomi.com
cdn.admixer.net
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
counter.yadro.ru
creativecdn.com
cs.mobfox.com
csync.loopme.me
d.agkn.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.buzzoola.com
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i.bigmir.net
i.e-planning.net
i.i.ua
ib.adnxs.com
ic.tynt.com
idsync.admixer.co.kr
idsync.frontend.weborama.fr
image6.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
js.cookieless-data.com
loadeu.exelator.com
m.trafmag.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
nashamama.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel.konnektu.ru
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prodmp.ru
ps.eyeota.net
r.casalemedia.com
r.i.ua
rtb.com.ru
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
scripts.go2net.com.ua
secure-assets.rubiconproject.com
secure.adnxs.com
sm.rtb.mts.ru
spl.zeotap.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.lemmatechnologies.com
sync.mathtag.com
sync.richaudience.com
sync.teads.tv
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
tech.rtb.mts.ru
test.rtb.com.ru
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u-ams03.e-planning.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
usermatch.krxd.net
vid.vidoomy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.youtube.com
x.bidswitch.net
x01.aidata.io
zdorovia.com.ua
googlecm.hit.gemius.pl
103.229.206.241
104.18.18.126
104.18.19.126
104.18.2.81
104.18.3.81
104.96.128.226
108.138.17.110
13.248.245.213
130.193.58.13
142.250.185.130
142.250.185.226
142.250.186.34
146.0.227.107
146.0.227.110
151.1.205.165
151.101.2.49
159.69.141.123
162.55.233.28
18.156.0.31
183.110.238.136
185.15.245.83
185.172.90.249
185.172.90.251
185.172.90.252
185.183.112.148
185.184.8.90
185.64.190.78
185.64.190.79
185.83.70.70
188.34.190.28
188.42.191.196
193.0.160.129
193.106.95.134
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
199.115.119.227
2.18.233.180
2.18.233.201
2.19.35.65
2001:678:cb4:bbbb::11
205.234.175.175
212.82.100.182
213.19.147.45
213.87.44.187
216.52.2.39
217.66.147.162
23.205.235.133
2600:1f18:6593:f602:3fd7:c8e3:cbda:5fe9
2606:4700:10::ac43:db6
2606:4700::6813:ac6c
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2004
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9b
2a02:6b8::90
2a02:6ea0:cb00::2
2a02:fa8:8806:12::1400
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:e1:2801::254
2a04:4e42:400::300
2a05:d018:24:b001:d77:1ef8:a0be:540c
2a05:d018:d29:3601:ebd:fba0:5325:a4e6
2a0c:5c81:5052:0:ae1f:6bff:fec1:aee2
3.122.190.231
3.123.174.3
3.124.210.90
3.211.112.47
3.231.177.24
34.111.131.239
34.249.7.180
34.252.105.21
34.98.67.61
35.157.16.92
35.172.39.147
35.186.253.211
35.210.53.219
35.227.248.159
35.244.159.8
35.71.131.137
37.157.3.30
37.157.4.41
37.252.172.249
37.252.173.22
51.15.145.115
51.38.120.206
51.83.220.94
52.210.26.59
52.213.154.120
52.215.16.237
52.46.143.56
52.59.153.178
54.229.14.30
54.239.38.253
54.78.254.47
62.149.1.122
64.202.112.191
67.202.105.31
69.173.144.139
69.173.144.165
69.192.160.219
77.123.132.42
8.2.108.175
8.2.110.206
82.145.213.8
83.222.114.189
83.222.114.190
85.114.159.93
88.212.201.204
89.108.120.76
91.210.190.92
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0203f0b50c6adaba52ee378041f53d969a5b86c8e5b22df245979fc0d351c7f5
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
085d237267eb5a0678e9176b3d17e31d3ebd36ebbec8dc0ea8ab3515ea68e4ed
09ad5608bc9cac00f0e3ab4d3a890315bfffbfb4a6e9186dd3ea8eadd14a1985
0acaf89e5c6adedd841ca5d237d1932a3fc5f6bd172997bb2e7ddb7cb83b33ea
0b6e8155e38245f3151d298422f8f0a9e01a4eaab240e76bfb35f94c469306b6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
0dc2a95d49f4854773ee37f6c1168a9e90d639f81b882b0327f490c291a9cfa3
0e1f8ae81889e837e923d788176d1ffb9a5b8b766a45e699326a8d5b6e9a5686
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
1228656137379454ffd580dcc21076f83efc3d34a198902c7d039353596efe22
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
140666625531e941e900caa4637eb21c39c9c812865382ca1ee0ceb764901502
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
15179e81f131befdd6e603ba3ddca00b8cc4e43aa70583d9e7b41fd56698ebbb
15b25322c978807eb0a01f7831091fd4b9add03a28f48236d309b42050a1aeac
1665ea0ad2d2df1a1d3645ddd26661780090b4313190fc547ca8a7a11de508cc
17cbb5ff7abf82890eacd6dd6cdfaf4ea2e7f6dcd3dea4082d8cd3b290e251ee
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
17fc86161d9b6ac5cd40ebe0b9a354751ee0a2a83d48f423bcab24cb25adcd52
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1c25aef47c67b97e59beabef6f8710905a2cfa67f9579478ebde8bee5ffb57d3
1cf8ff73963d364db8fc8f0e3384ec970be711ed05b0366ae83ea4f92530f3b6
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
1dd7796d72b2353ca592f216dca81af1aff9eed564a0c1ed5d7555af6f3bb34d
1e178b3f69e5657653742ecb5fb9755753307d57f18f7b266db6b0ccdfe5d2b0
1f1dc20da7f0030eb746dca482da9d752c7afcce6deacb22081d3d6fdb992322
22c0dedec47c7f7f9b0ac3e9ee8629629aeef193a12158208e63e29b3323f118
231de341da0a811d96b736ef4faf3d339d815e11a9cddd5283f1c241ccba1912
234974ef7ff86c2e11dc738796ccf88501649f864fad7d2d30b45f10211cb8c8
2364e3bf74552def676f1c5086eca57ad57ea116854a53d324d59ae503c4c05b
2590c37a8df25d2ec796796a32a393e14a7fa4b5d6edd5529f6c05d4ec0b2692
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
284ad04845b7380ab09d988a65a8136842b4a297bd063889b5062f731389177c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac2d50f6f398d7674b6a5ba99576d0526e743a251e62571ac304e3cb2b9a777
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
306d5342ca0b82a5881ce148bbd99134d736d0fa462a683e56503801e36fdd93
30fe2b4dd3ea9446d92fa0dad1ce04ad1fb0729696ca6e04d6bfaacfb5681ed6
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
316c626585650b118dc2ca02a311b72962a5d160f89a3b686a942548cea022d2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336089b26e94a1c9ed6ccb0933a31b0be3620e88f17df76bd98216ef1ee965c0
34d32d198ac914ad4a9d11d0a2269e8cc2c0c68a769585759078020987c4a6b4
3b9df9d28062db318d46ecc5de1428fc3e0aa94fbe5ac8753385ffb187904ed8
3e25b0478e495776aeb31dbca4c92a9bffbad68161f91e261ef88aaf4ea2dd71
3e2d71b70123d5668b745014d9ab2501c033020e94d773d735280ccb155f6cd8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404085f85e16d1d29624a0a8a84807e2454ac31beb47384788cb13e0583a0c8e
405a2822f13160db99af498e688b4e7d8058f90306e5129d84c978c0677ff370
40ca104161c8e5207fa8cc5d7704008bf16933261aff022590ab0117d760ec15
418ff10ba88805a6ae6386a418ad4c5a5bd6a75159624263c8fbfb117641bd36
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
43857243f02ef37095bb428d754c828940103d5658c5b23aacb83dc57e5a484c
46ccfecc58742c93070c0a1cba02a1668df9a61c6d80f33f6d29c8d694cbd0bf
47051ffe4c3e03cfe03e502825187de88bfb6cd710407cd3de40d2466c922351
478975b1f730276728ed9878a55414604b63c83db010f03d866338697880893c
4803ca05bf5d01dbd812e758881dc7cae6344da06c0fd9d19d42a341409a61e6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4927978f916c67a75b089f975343a53f686c38f1fc69c11252c2d5c6a1eb1913
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ad0a1d9bb20358be18ad374a563021cb030d5d7ef1d1fb52c05a187340bce6d
4b1fbb863d343993c75af940f2054e27dba27ba0293943c3d33ae4a4297a861b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c44374e578eb46c8d184b1923ac7ee9dd63032dbb9769e9ce5c575d33bfaeb3
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef96e355d5077b87f98641922263428bdd86df939938fd3e283f7a37af10e35
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50615a8a76e29fa2da457b38203751587adbce47b909f627464992921d554439
50c8001e5941033a18c8c7663eb1feb3fe8b2715b4ac019d78d766dca08a8b97
518044b9079d6b70b8997035cc0d9b69d8e578f1b2ec43c8cc06e819f58857a1
548e4669812ab53bae5e50eee71c0d6d951b6dd8e5176cb8c08c36ce3dbf37d3
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5823febbfb1fc1db57624117ab49aadef78f2a3408c7c673b6d6f8d564b130de
58588f20a0fb92857d94c3943a7f9e961a74e1ac6a94210626fd51778dffd830
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5c550c8cd718513d0edee89594f2f057f6a5a8e8507572a6ed5c1dcfd9d24d59
5c7e303d5f97a09c14f0dc8aa18b7da57685b0b93d818914259eacc4794386b1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62dd7b0ccfa8bdaf6f9cca4f3138298c44e5bfe4da2af6ca6f400ac4f7ce8b6f
641f868e8046a0df91150d538385b89a10efcd41c7da0a8ae180d68f725ab8b1
64b15ee0e992068d9ef3299cbdd65b1fc3d6e8cf6ef4111e6a08bdb03beb4c80
6507596ed5e5ad92709bfa0996097b9f0acd5876398e39e0f760acd7612c9ceb
6524f525dc3a54cb7df90112bd30a18eb8e1f03fb38fd0e89b5c9573d7476579
66225fc3e54aab2b7c667bf6b3a5021216eae81fcae74a75a63ab29b8256f326
673a3a4942231019794c6a726c7f1d7ebb1cd7d5ef70d9fec072dbc1a82fd020
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73c064e058ee20b885cdccf610f33e48b6086ec93a06bcfc2b57f0ef1687f2bc
74ed8fec11decd966f2e2f06640c97fd859fc349422578e8bdbdc51d7b9d753d
7767d30e6794773d94a40f3214910da8daa8bb3ff3987efd1f05bea25a1e1a80
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
7a6e8ad7c8517a909020ef2054d008a01a9afc32d6951ad963702fa69c577f8f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f882b91884d56eb2ed330cd73ab06f2560a49faeae0d1eaacb52b2a6c538036
8010d6b4630d23a2de268637bd716adb89d21e8070d2744c13d8eec283e72964
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
89bdbc062078c991e5d8778f400f3e3ef7124270dc68fca0d860554f7949ee46
8a08cb864af8c4a6ef3e24802901f7874e0c114c820c1c18bc09abeab75f6fe6
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b2ab6a7fe3ae86fb84fb7cebcf072592cef358bb73db32fdf2acc0758d63539
8be5b5f0fff7b384ece1fe5afcabe7e2f4549f47e20fc33406186a77ec535b9a
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e54cf54044e468826bde311710e96cac79ce702ecca83a3eb30b2f630625c95
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
8f4b262ea13458af3f7508f3c93ac3589bbc01793104d9bfc041de85fcef79f2
903e2ce39dd52ff75b8f25843ce23539a8acf0c8fc8e0c1700ba8d076ee3f309
90c1c5ac252719cc605d5b275a872f2f89535011d2155920bdbb33bcedde66dc
92a3f19eeaae0115fbb45eb907d777247702e5cc532d52a8c43f3b8b6fdd9d67
9466e9e7baf16cf5f9f787bec7685504c8c228cab66a7d871983d223c67a1ade
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
9829cc6c3a731f57b8918238d01a78755692597fb5ed361ad2f0bb940ed07c7d
99507b31a0efe2b33d28b8eefe8aab9c7a38fb3a22ac8bd5a6732b515ed72c37
9961ff8ce61a82e625d8237184b98fed1f2717647e567fab38ea32a49cf42f6e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9e47f731aad7664fa881f0f5a392e368de3a1a028544fde914fdc417c75438b3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29306e7be8b3e743bf8a8431491142e215bf9bb31a004b13f591a4e1c9acc06
a298cac182b7f177f87aa8db4bebd5e51eef11fa67195c85a895231fc9dbf7f2
a3a55fde2f4dadd87644c396ace78507d6e697da6c213c720b8521528c3d07a5
a3b6d73415dcb0f058b071d91a2b24652c9d882ad504b750e78643d9cfdd08ba
a46e02aed78b4773f4039ad8807da53fed0c2384a53b5e2afe6ad6ada85d4336
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4df152d8092ca4305ba2a0a3d82e98f84724d71eda19667f9e70768024a4f1d
a5a4d7ec31e1eafeba8c3ab6589cf8b8b2b624b4c1afb7a62428aff04ada249e
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a68e2a2bb043653c66e8f3dec7f3c30f972639ba2c1abc6e869cb8ba894cace9
a777f159e928681060a1bbf68cec35a088786e5f01c5cb359305e1fa7e540920
a7caa6ba90a8dbe1664a7c76a133cfc98bd16cac31164fb8f42eae0e9c6e6a06
a84714edc59a71269e99b1606db770b5ee4c5839f6a11dd91bdd6bc1e6c02f09
a87a1c72b2e889b01c62c7093236a5996d011ffef5a5db018a7e4ee78f04cf9f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa2e6d7260e270393b7b3f3426f0c8217e6eda69d9fbe7bfaf07de071cfc024f
ab420a1b05301d25dd20fcd88331d007bf6208241e9ea887b5e6fe3ff89f730b
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad4233d382a13f75eca9f55dbce03b0cc519d92dc9f809cd39621f028071fdfc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04b0986785f2ae14f7860ba163708c892a8ef27074ce84dbe0f2fa9af1852b0
b083d6f8e252a0b4517aba24b98ef64c736edf01fbe64bfa3cf5d754d475e512
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b238ff3fb792b2efa823989c3273b89670a87da10632d6be9c81c43206f86fdf
b2446a5c0c3b7d51ba936ccf65b620542bc8b282ccaea304a2ad1efaa4b7ea88
b2dca40a34050d90011424380bc9f6173bc1df4ea0287b99db19f6e12d8a26b1
b3d07383eaafa1a28161e0d58a2cce46a6adb2836603eea46f3676b54cc0cd49
b45c62c7ea907efdd19b2ba950d0a8f261a514e34195a1e3b547ba8876b83862
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b52af864857a3b08cd72e8f4c4cb03433aa01e79fd5d902b998ab4baa810eda0
b70c6c2ed793b5c4a9e9a7d543b489f810cfbcfba4fa326fc5730d2291fc5e38
b74305ffd68cc61db02b96052faeb51d2d6d65add7bfa636c9799c0f40611d49
b784ff8bf29e600d8e33ffe73e8007e9a568e593898f31ffc6428b7891dea555
b7c43fd75a6ed3a267427a714feebb9a1e4ba350dc540ffb2cddb472ac27bc25
b818254dfc983fb2732ecfc54815327606434288e6eb0c0c0b7e8523e14b6c9f
b89c23f6edff4a12c3ff51c184d20050547784de40e4b7be2f3c6200d8fe2668
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5447229d4076d8d91ddc1cc95574532bdb8733a41d06f2689a6dc5d915de23
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
be1488d5f04affaf2faef15fe3b96a8828ee41aa3df4e5928f8dac13f315c6d2
bfdf00749956f6260789dc87aede295ef64a8e14af848adaedb4c1f48212c04e
c10ea2e728234e27b7c02f7ae456bbcbd141b9a8d3e12f9b0c69c7a5d09068dc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b09fa1e6c8b988c3ce941bc127875d077cfb2b38a4549bf9d8f20605a120a1
c592df00f791d997e02e6d5b18e1b2dd8b3bea69e43fb29e8ececa28025f4195
c599f96659ce07649e90b86b90732f1293b042e212423e7366794ada841d688d
c7cbb9e69db713c18a156fec645f54d002f1f5627abb2e5ab63f3d5a88601e2f
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cb8ebe7e0bd9830e60f63e57b072cee5ca24937f47519da3176809aa0b697bb3
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffc422f5c01321479a6008888cd84091a509e800b3dd51e26694682bfa2258d
d00a7d747022d19e7c8b897b1bef97aaddccbfeb9e475437566dabf7266e2777
d08cdad175344acba124ab88b2afbeec7779e8ddf5c9cf456c1133b8885192ed
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d24d15fb3db6eb6596da4bef4cea5d6205cf5d80b519c9dab1085055e4f9cbc9
d485c4dc543229efe5d97016e8b0efec6824111dbc9aca88d586ece94fa7ab11
d57b72eab46863e9c71c04589510c2e4b8e68d928f054421bddc11b8a0102a02
d6654488286bdf8dacb9b7e890fe75d6e10c158892baf8494d0cbae218088828
d69f9244c8053f228c6e086a4106e1f696bb8ed21fe6e210e76b612cac784733
d74bee7fd7f696f1d12267064500896b813520e0eba8b058c9895e9f13d12130
d8ed748859a20af156216b18113f0837aa9d0ffeb1652af5925c3815a38e2182
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dbae8351af52c4be1945495f4b3944c14907afbaced43e993c6863e55b6d88e8
dccaeb8aa4f4c779e6d9f2b0d51445b928b8f3d5275f673ea8f9559348dbe612
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2cbfcacc9d5d0f8871ee8f217873a4dc579c80403940429af11fbe2ec021b12
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e58dd6001ec35b05f71949fda9688eaf3a6a9e01a60f07b7bc99dd030485735c
e5e774e19cd95c72e83aea77ba01b779a4c64b9aa6832759f6f0ee1aceba605a
e6cf4df949bf6e7f5ef1a61c546be3c50e7eb119e8620b8206ab395a29058351
e760cc70aa82d03ecbb3f7c1a228e2229dbaa94b232c230fcaee2ae2b4aa7e8a
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
eb49762bac0f22b332fc93eb47e3e4799e052b05f07073b8be9f1616baf75162
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
edc10b23a71864ddb341c4d79ad18a8c86fee40514bcfba4377287b028a6f6c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20c487da288a57a0f215a7913dd47d337d56d69c183883c5b5ae5d82edac8bd
f2f26c5ed9c941843c4488f476a90315117ca80a67a57d5c2e9d39de61ef9bf6
f32d63042b35cb231ada6c726b5f9b472efa8e0e639019750151f6b00f2bd77c
f4726e859dd2230293e1d3b48e9432dbb22afd5ee9672b5318258b53803c580f
f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7cd1812d15b5a9fd9803070f2ec92cb1e375e69a7aa318682c7bf4ee90d424d
fc90b97c332ebea117c9304b72afcb165c336c08e9ab6db4a41bb71b54ba4f55
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff20ac3a2bc1b99c0fbfbf4ba1ef93c891607717ea6945eccd68c1e345d6ca3f