vi2.svetzdravlja.org Open in urlscan Pro
2606:4700:3032::ac43:9930 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vi.svetzdravlja.org/
Effective URL:
https://vi2.svetzdravlja.org/
Submission: On August 04 via api (August 4th 2024, 3:14:36 am UTC) from US — Scanned from US

Summary HTTP 90 Redirects Links 99 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 25 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3032::ac43:9930, located in United States and belongs to CLOUDFLARENET, US. The main domain is vi2.svetzdravlja.org.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.

This is the only time vi2.svetzdravlja.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 26	2606:4700:303... 2606:4700:3032::ac43:9930	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2600:9000:250... 2600:9000:250b:fe00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:200... 2600:9000:2009:3800:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
8	2607:f8b0:400... 2607:f8b0:4004:c1d::64	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24f... 2600:9000:24f0:f200:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	147.28.129.140 147.28.129.140	54825 (PACKET) (PACKET)
3	2606:4700:10:... 2606:4700:10::ac43:2ac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:251... 2600:9000:2511:7a00:a:e047:754:6941	16509 (AMAZON-02) (AMAZON-02)
1	100.24.111.98 100.24.111.98	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c1d::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::67	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	125.253.89.176 125.253.89.176	19437 (SS-ASH) (SS-ASH)
90	34

26 2606:4700:3032::ac43:9930 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vi.svetzdravlja.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vi1.svetzdravlja.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vi2.svetzdravlja.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
svetzdravlja.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.svetzdravlja.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:250b:fe00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2009:3800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::64 (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c04::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:f200:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:7a00:a:e047:754:6941 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.111.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-111-98.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c1d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::67 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.253.89.176 (United States)

ASN19437 (SS-ASH, US)

sync.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	svetzdravlja.org 2 redirects vi.svetzdravlja.org vi1.svetzdravlja.org vi2.svetzdravlja.org svetzdravlja.org a.svetzdravlja.org	777 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 www.google.com — Cisco Umbrella Rank: 10	141 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
6	yastatic.net yastatic.net — Cisco Umbrella Rank: 4613	193 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	180 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 553 mug.criteo.com — Cisco Umbrella Rank: 2813	1 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	19 KB
3	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 14937	195 B
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6957 invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616	2 KB
3	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 22538 sync.quantumdex.io — Cisco Umbrella Rank: 9703	519 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1162 sync.a-mo.net — Cisco Umbrella Rank: 3188	2 KB
3	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1074 mc.yandex.ru — Cisco Umbrella Rank: 2503	175 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 19827 cmp.optad360.io — Cisco Umbrella Rank: 52014	213 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1233 id5-sync.com — Cisco Umbrella Rank: 645	28 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	13 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 3230	24 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	3 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 505	570 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 4335	4 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2913	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2483	239 B
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 53010	8 KB
1	zx-adnet.com cdn.zx-adnet.com	7 KB
0	bigmp3db.com Failed www.bigmp3db.com Failed
90	25

	Domain	Requested by
18	a.svetzdravlja.org	vi2.svetzdravlja.org
8	fundingchoicesmessages.google.com	get.optad360.io securepubads.g.doubleclick.net
6	mc.yandex.com	2 redirects mc.yandex.ru
6	yastatic.net	yandex.ru
5	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
4	svetzdravlja.org	vi2.svetzdravlja.org svetzdravlja.org
3	ssp.wp.pl	get.optad360.io
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	prebid-eu.creativecdn.com	get.optad360.io
2	useast.quantumdex.io	get.optad360.io
2	prebid.a-mo.net	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	mc.yandex.ru	1 redirects vi2.svetzdravlja.org
2	get.optad360.io	vi2.svetzdravlja.org get.optad360.io
2	cdn.jsdelivr.net	vi2.svetzdravlja.org get.optad360.io
2	vi2.svetzdravlja.org	vi2.svetzdravlja.org
1	sync.quantumdex.io	get.optad360.io
1	sync.a-mo.net	get.optad360.io
1	match.adsrvr.org	get.optad360.io
1	www.google.com	tpc.googlesyndication.com
1	f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cadmus.script.ac	script.4dex.io
1	cdn.optad360.net
1	cdn.zx-adnet.com	vi2.svetzdravlja.org
1	yandex.ru	vi2.svetzdravlja.org
1	cmp.optad360.io	vi2.svetzdravlja.org
1	vi1.svetzdravlja.org	1 redirects
1	vi.svetzdravlja.org	1 redirects
0	www.bigmp3db.com Failed	vi2.svetzdravlja.org
90	40

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
svetzdravlja.org
ar.svetzdravlja.org
az.svetzdravlja.org
be1.svetzdravlja.org
bg.svetzdravlja.org
bn.svetzdravlja.org
ca1.svetzdravlja.org
cs1.svetzdravlja.org
da1.svetzdravlja.org
de2.svetzdravlja.org
el1.svetzdravlja.org
es1.svetzdravlja.org
et.svetzdravlja.org
ga2.svetzdravlja.org
fa.svetzdravlja.org
fi1.svetzdravlja.org
fr2.svetzdravlja.org
hi1.svetzdravlja.org
hr.svetzdravlja.org
hu.svetzdravlja.org
id1.svetzdravlja.org
is.svetzdravlja.org
it1.svetzdravlja.org
iw1.svetzdravlja.org
ja.svetzdravlja.org
ko1.svetzdravlja.org
kk.svetzdravlja.org
ky.svetzdravlja.org
lb2.svetzdravlja.org
lt.svetzdravlja.org
lv1.svetzdravlja.org
ms.svetzdravlja.org
mr.svetzdravlja.org
nl1.svetzdravlja.org
no1.svetzdravlja.org
pl2.svetzdravlja.org
pt2.svetzdravlja.org
ro.svetzdravlja.org
ru1.svetzdravlja.org
sk1.svetzdravlja.org
sq.svetzdravlja.org
sr.svetzdravlja.org
sv1.svetzdravlja.org
ta.svetzdravlja.org
te1.svetzdravlja.org
tg1.svetzdravlja.org
th1.svetzdravlja.org
tl.svetzdravlja.org
tr.svetzdravlja.org
uk.svetzdravlja.org
ur.svetzdravlja.org
uz.svetzdravlja.org
zh.svetzdravlja.org
af.svetzdravlja.org
am.svetzdravlja.org
bs.svetzdravlja.org
ceb.svetzdravlja.org
co1.svetzdravlja.org
cy.svetzdravlja.org
eo1.svetzdravlja.org
eu1.svetzdravlja.org
fy1.svetzdravlja.org
gd.svetzdravlja.org
gl1.svetzdravlja.org
gu.svetzdravlja.org
ha.svetzdravlja.org
haw.svetzdravlja.org
hmn1.svetzdravlja.org
ht1.svetzdravlja.org
ig1.svetzdravlja.org
jw1.svetzdravlja.org
km.svetzdravlja.org
kn.svetzdravlja.org
ku.svetzdravlja.org
la1.svetzdravlja.org
mg1.svetzdravlja.org
mi1.svetzdravlja.org
mk.svetzdravlja.org
ml.svetzdravlja.org
mn.svetzdravlja.org
mt1.svetzdravlja.org
my.svetzdravlja.org
ne.svetzdravlja.org
ny.svetzdravlja.org
pa.svetzdravlja.org
ps.svetzdravlja.org
sd.svetzdravlja.org
si.svetzdravlja.org
sm.svetzdravlja.org
sn1.svetzdravlja.org
so1.svetzdravlja.org
st1.svetzdravlja.org
su1.svetzdravlja.org
sw.svetzdravlja.org
xh1.svetzdravlja.org
yi.svetzdravlja.org
yo1.svetzdravlja.org
zu1.svetzdravlja.org

Subject Issuer	Validity	Valid
svetzdravlja.org WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2024-07-12` - `2025-01-09`	6 months	crt.sh
bitvalvesite.online WR3	`2024-07-27` - `2024-10-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2024-05-20` - `2024-11-17`	6 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M03	`2024-05-26` - `2025-06-25`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.a-mo.net R11	`2024-07-04` - `2024-10-02`	3 months	crt.sh
quantumdex.io WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2024-03-04` - `2025-03-14`	a year	crt.sh
script.ac E6	`2024-06-23` - `2024-09-21`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com WR3	`2024-06-18` - `2024-09-16`	3 months	crt.sh
id5-sync.com WE1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
cdn.prod.uidapi.com E6	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://vi2.svetzdravlja.org/
Frame ID: D579F56763199B0346C6C0FA3BA1CB4B
Requests: 81 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: A18C2012E072C02686EA94D45B36B522
Requests: 1 HTTP requests in this frame

Frame: https://f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D68BD8B617944E910DDA4D8704850D68
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30BBEB36358012BF65636302A800BE06
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9883DE282DF4FF4D33FEED79BCB8BD64
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 89A6FE7AE02B41B574B00629060FC236
Requests: 1 HTTP requests in this frame

Frame: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CvsBShR2aTIuc3ZldHpkcmF2bGphLm9yZ1ILYWFzLTQ5NTdjZjVaCHBiYTEuMy4zahR2aTIuc3ZldHpkcmF2bGphLm9yZ_oBBjguMjAuMOgCAYgDleS7tQaoAzTqAyRiZTVjM2JjMC04MjYzLTRhNjUtYjA5OS0wMjIzNTI1MDY5YjKiBB1odHRwczovL3ZpMi5zdmV0emRyYXZsamEub3JnL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQRkYzEzwAYAyAYBqgcDd2ViygcQc3ZldHpkcmF2bGphLm9yZ-AHAYIIEHN2ZXR6ZHJhdmxqYS5vcmeKCAZjaHJvbWU
Frame ID: DF1EFDD02FB42AE056DEB96F18E31E9C
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 87EBD389759A446F2816903BBB73544E
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=14588848521226306000&sn=mc_adapter
Frame ID: A4AB49127011DE7117175334590C349C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thông Tin Y Tế Và MẹO SứC KhỏE BạN Có Thể Tin TưởNg 2024

Page URL History Show full URLs

https://vi.svetzdravlja.org/ HTTP 301
https://vi1.svetzdravlja.org/ HTTP 301
https://vi2.svetzdravlja.org/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

90
Requests

93 %
HTTPS

64 %
IPv6

25
Domains

40
Subdomains

34
IPs

4
Countries

1813 kB
Transfer

4716 kB
Size

117
Cookies

99 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ar.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://az.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://be1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://bg.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://bn.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ca1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://cs1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://da1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://de2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://el1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://es1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://et.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ga2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://fa.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://fi1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://fr2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://hi1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://hr.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://hu.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://id1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://is.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://it1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://iw1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ja.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ko1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://kk.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ky.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://lb2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://lt.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://lv1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ms.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mr.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://nl1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://no1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://pl2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://pt2.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ro.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ru1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sk1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sq.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sr.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sv1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ta.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://te1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://tg1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://th1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://tl.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://tr.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://uk.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ur.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://uz.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://zh.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://af.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://am.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://bs.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ceb.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://co1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://cy.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://eo1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://eu1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://fy1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://gd.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://gl1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://gu.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ha.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://haw.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://hmn1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ht1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ig1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://jw1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://km.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://kn.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ku.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://la1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mg1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mi1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mk.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ml.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mn.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://mt1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://my.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ne.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ny.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://pa.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://ps.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sd.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://si.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sm.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sn1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://so1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://st1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://su1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://sw.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://xh1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://yi.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://yo1.svetzdravlja.org/

Search URL Search Domain Scan URL

URL: https://zu1.svetzdravlja.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vi.svetzdravlja.org/ HTTP 301
https://vi1.svetzdravlja.org/ HTTP 301
https://vi2.svetzdravlja.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10450.p1AWLEjPrM8esGA_Ii0JfxQdBd_Wf30GZQtdkm7qTJ1y_PYdt4fxI1Q1_twv4f8Y.-9EffAk2SZbHtsOs28SJZUzeA40%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10450.33Hh73cpMDrd3gkE0fD_VUCbrUwbE13sicUIWPfXNETdE8fxaDCLKT9E7Nhnz2ianJyrS411eTzWPV_s21cwKqMP0UvYG8RlNfaCo2CgiaFiPV2KHzQ5xYMT1YvEHhLtTQD1r3-zdZteNfiXzskn10uRE83lNY2BBx_Wf5N7qUZ-v22wu2soKjb2k-8ic9DsZtiLp0EpROyPQ0LY6uABweAm3uU0brlRzvBv-COCfzU%2C.ZaqwLCL_5ensiKLVnX9cd0QinFE%2C

Request Chain 81

https://mc.yandex.com/watch/66105886?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A115294761069%3Ahid%3A985691729%3Az%3A-600%3Ai%3A20240803171430%3Aet%3A1722741270%3Ac%3A1%3Arn%3A784682912%3Arqn%3A1%3Au%3A1722741270390664671%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1805%3Awv%3A2%3Ads%3A0%2C0%2C220%2C191%2C998%2C0%2C%2C3%2C0%2C2753%2C2753%2C4%2C1745%3Aco%3A0%3Acpf%3A1%3Ans%3A1722741266869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722741271%3At%3ATh%C3%B4ng%20Tin%20Y%20T%E1%BA%BF%20V%C3%A0%20M%E1%BA%B9O%20S%E1%BB%A9C%20Kh%E1%BB%8FE%20B%E1%BA%A1N%20C%C3%B3%20Th%E1%BB%83%20Tin%20T%C6%B0%E1%BB%9FNg%202024&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/66105886/1?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A115294761069%3Ahid%3A985691729%3Az%3A-600%3Ai%3A20240803171430%3Aet%3A1722741270%3Ac%3A1%3Arn%3A784682912%3Arqn%3A1%3Au%3A1722741270390664671%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1805%3Awv%3A2%3Ads%3A0%2C0%2C220%2C191%2C998%2C0%2C%2C3%2C0%2C2753%2C2753%2C4%2C1745%3Aco%3A0%3Acpf%3A1%3Ans%3A1722741266869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722741271%3At%3ATh%C3%B4ng%20Tin%20Y%20T%E1%BA%BF%20V%C3%A0%20M%E1%BA%B9O%20S%E1%BB%A9C%20Kh%E1%BB%8FE%20B%E1%BA%A1N%20C%C3%B3%20Th%E1%BB%83%20Tin%20T%C6%B0%E1%BB%9FNg%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Request Chain 84

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvi2.svetzdravlja.org%2F&domain=vi2.svetzdravlja.org&cw=1&pbt=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=7mDjlnxCR0Q5bUJrVjhkTHlId1FXQUlmeVNMa0o2V1pKbkgrNk10Smc4SG5JL21NMGthVTFtRkQrcG81dE1GbkNlZm10OXQrTm03azlGNkNXNGRpbnVEbnhGcURpNkNRY29pZVlZZSszUjVPUEZ3bzg2TXVJRmZVU2x3SXdkWCtYYi85ZTJWOVVzeE5iK3BwM2FxVGVnaFJpUWZPQzhYc1I0OG1sYURnUkhaLyt6NDJjR0h0UEU0SkorTVE2dDY2RTdEQXVxb2NhVHVxTW96MEFmZGVURm43VExPUDl4VE9VamJzdHdtZGp6RHMxT0tpTEhCb1NxL1EzMTVvODBtaGdMMWRFeXJTVXpNOUx1eW9vNkJ5ajlERkxndz09fA&cppv=2

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
vi2.svetzdravlja.org/
Redirect Chain

https://vi.svetzdravlja.org/
https://vi1.svetzdravlja.org/
https://vi2.svetzdravlja.org/

61 KB
10 KB

400ms
221ms

Document
text/html

2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: c76ce2589da2ab1fc9f65a0bcb7a2e781dc0fd66c9a5d6027512a6a8a66e83c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 8adb609d5a4843b2-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Aug 2024 03:14:28 GMT
expires: Mon, 05 Aug 2024 03:14:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWTGDib1gyFgJJ1viMnqMOBO0Li3VLcHDinhjHrR%2BXK8yMaRiLbYLdRWy6%2BQ%2BGOXF0XktqGiULjcoc%2FA2nyQUxfF2DiO3%2F2tib4wGVjJUJqBt2maKf7mEYZnXgIBe%2FjoVjSOGhI4AQIOkAAxehs73%2BYvEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 8adb609ac88215bb-EWR
content-type: text/html; charset=iso-8859-1
date: Sun, 04 Aug 2024 03:14:27 GMT
expires: Mon, 05 Aug 2024 03:14:27 GMT
location: https://vi2.svetzdravlja.org/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMUOQ0FX%2BFqsL%2Fgx%2FNcG1hsct%2FbBwOnBPg3xYriPsx1tY30dznjDFYdVk%2F1iyygNn91ttj4fIRZ13re%2FpSyFzi8CvewNnBVCvAbaAhGzAXIyxlsWZk3bsG3XiQOQJVlB1SveNqfjWrMy2s8ne0vWV%2BqVPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style.css
svetzdravlja.org/template/history/css/ 266 KB
70 KB 183ms
32ms Stylesheet
text/css 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svetzdravlja.org/template/history/css/style.css
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5792e440168ba67335797d740a78bbbeb4be18fc36b622526e5a33ded406178b

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111522
cf-polished: origSize=273083
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 09:08:21 GMT
server: cloudflare
etag: W/"42abb-5efee4fafd91b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyWYPSFCyhp3QImY2YUG8lDuVnMndNNH3bgAqJuitq1Ah2%2BZsNQMBJ5eg55wy2vdT5Gx4y4XcIhpoAHuyYzcx4Rl32u%2FPKiek%2BIbc2vjVUbyBTO3rxM3eJ5kNzva9Zhh2kqb6ZfiLnxUl7hmBIat"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8adb609fcd7b43b2-EWR
expires: Fri, 16 Aug 2024 20:15:46 GMT

GET
H3 200 yt.css
svetzdravlja.org/template/history/css/ 69 KB
44 KB 175ms
25ms Stylesheet
text/css 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svetzdravlja.org/template/history/css/yt.css
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb68a2f4769c3b5b9db89c4ff476c71a3167df78dbc0dfbe9c65d850e799b5d6

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111522
cf-polished: origSize=70933
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 09:08:22 GMT
server: cloudflare
etag: W/"11515-5efee4fbcba14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2F2Nzhc3EeKaHqw10zeUG97ApZWHFghWMvpIlMpzch1VMTOmYsPMnyW5QyETSpkcOzOX3KefgqrC3l%2FRJ47cdyGY4txJB4hDkbkwaujBS%2BsPBpD2z7JoGqvW7KKqwKcFxn%2F07rNJ0E0XOdVyz%2FBQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8adb609fcd7c43b2-EWR
expires: Fri, 16 Aug 2024 20:15:46 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 44ms
19ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 04 Aug 2024 03:14:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 10432
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1363
x-served-by: cache-fra-eddf8230078-FRA, cache-lga21941-LGA
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 carbamazepina-tegretol-o-que-para-que-serve-e-como-usar.webp
a.svetzdravlja.org/healths/ 30 KB
31 KB 555ms
324ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/healths/carbamazepina-tegretol-o-que-para-que-serve-e-como-usar.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae6c209c4f6fdb59ca5c15ca7c8abebfcd020989554dfdee95fc995ef175c62

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31038
last-modified: Sun, 11 Sep 2022 11:25:49 GMT
server: cloudflare
etag: "793e-5e8650a856abe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oyf00PmacALfIY5MLLw9gIYpQJyTpI%2F1nRM7rza6c7QeiVOLgSoN3bmAKJ2BBcaaW6O%2BWtQs2jfMhUCO5c38g2NgIhz%2B0VRaA0d9hogenHYARaL4iTJ7klOysRX%2FsCsyqP9ND7nHvdwZ6a9pIdlXsn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0be6e43b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 this-7-ingredient-recipe-is-an-all-natural-fighter-against-inflammation-1.webp
a.svetzdravlja.org/health/ 41 KB
41 KB 558ms
331ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/this-7-ingredient-recipe-is-an-all-natural-fighter-against-inflammation-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5da3c5820be563ca66f1b1c1ebc9ba5f089c15c6f0b0dfdfec7ee01f139fbeb

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 41496
last-modified: Sun, 11 Sep 2022 10:48:40 GMT
server: cloudflare
etag: "a218-5e86485ad250e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmldiV%2BcccKOUNFqy%2BWA4Cwnxs8DAwVg09cojeHRR26sgZTWiqMN4o%2B%2BT%2FE56ylXyCNhNIIvluuBuNofxlvIoPuFmmIWvwqtHmvy%2FCVJy5IRHhCVTaApmrD1azf6X2gf%2BmOtkcBMBD0duv7g7IUGzuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0be6943b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 7-exerccios-para-o-ps-parto-e-como-fazer.webp
a.svetzdravlja.org/healths/ 19 KB
19 KB 564ms
336ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/healths/7-exerccios-para-o-ps-parto-e-como-fazer.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a974a873c3f8f3dc58f49db63225e333d67f4513912d7a99a3309782c6790dbe

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19020
last-modified: Sun, 11 Sep 2022 11:20:52 GMT
server: cloudflare
etag: "4a4c-5e864f8cc3f3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VB2r0ZIv4FtbdVKEsRry17ZoBzb2W1FVuxX7c0uzaauNsvhTICJwRvJzt%2Bx6nbjpeUWqqwRlyabvVcPKdfuesUZgZXQDvwrCc6%2FvE8aBfsPYWoO8eie2JyYqEz05eDbJD3XNTh1JOWUwnrqPSyuNeQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0be6c43b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 identifying-and-treating-a-yeast-diaper-rash-1.webp
a.svetzdravlja.org/health/ 31 KB
31 KB 564ms
338ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/identifying-and-treating-a-yeast-diaper-rash-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09be8ac772a1d04c2a83dae0e370e0a2537312ebe895643d0bbc7bac23ca7292

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31402
last-modified: Sun, 11 Sep 2022 10:30:33 GMT
server: cloudflare
etag: "7aaa-5e86444e3b71d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RYKxCqJBfQgm4Z4p81kfAl25MXyoDiRiCUhpBUyaHOjnQMsdXhCc2e0xvPU0s%2Fbyi5fN4z2ffujpen0brDCRIpxB9%2FHUJj3pFxUuVpkgR5tkPKeXvuhkQu0VoOjfDQHLV%2BYVv0BrYDCobGRfHs3oHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0be6843b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 millipede-toxin.webp
a.svetzdravlja.org/medical/ 18 KB
19 KB 248ms
23ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/medical/millipede-toxin.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6841c621f319b62acf9d5760906c469c8772fd608366483274a633ae33bc64bd

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73907
alt-svc: h3=":443"; ma=86400
content-length: 18416
last-modified: Sun, 11 Sep 2022 10:53:33 GMT
server: cloudflare
etag: "47f0-5e8649726977b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IPCWIN8D8qgFD3AKQPTeL30%2FDasAyArdPRC1M3Q8X%2F0lhGpT%2FoENZ%2FYv%2B74TvY7bdXjC%2FJNp9EsG4b9hUFCmw6rMumfFZ%2Fl%2Fa5nsohGbbd0HS%2FGp2aAYB8vwhn%2BtRZkEV3j%2FrRczVGmcofDmH9S0tOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0ae6643b2-EWR
expires: Sat, 10 Aug 2024 06:42:41 GMT

GET
H3 200 please-read-this-if-social-anxiety-is-ruining-your-dating-life-1.webp
a.svetzdravlja.org/health/ 66 KB
66 KB 655ms
433ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/please-read-this-if-social-anxiety-is-ruining-your-dating-life-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce4049393341d506c0c7451f86f877745941aa57a1b72762973dc774ad84339

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 67140
last-modified: Sun, 11 Sep 2022 10:46:38 GMT
server: cloudflare
etag: "10644-5e8647e644fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXFYCVkzBAcKckyONrHc5gxuuVn5V%2FSp8wkiX19XAzdajifZsohjp4BH0eF14EFKzj0qt%2BtgxACzOVsveryAKqseqnINTSFPDQOhyFn6d4rg7iOjcPKDPTXXtGpFZ24Ygao0RN9fFyEW%2FuJ8V82KaAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0ae6443b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 keyto-is-a-smart-ketone-breathalyzer-that-will-guide-you-through-the-keto-diet-1.webp
a.svetzdravlja.org/lifestyle/ 48 KB
48 KB 21ms
20ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/lifestyle/keyto-is-a-smart-ketone-breathalyzer-that-will-guide-you-through-the-keto-diet-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f3fd311ceddefdf87d9985faab220c23765e740d431f6e3331bb7a8e05186a

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73907
alt-svc: h3=":443"; ma=86400
content-length: 48954
last-modified: Sun, 11 Sep 2022 11:01:15 GMT
server: cloudflare
etag: "bf3a-5e864b2a9dd30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPRcLpSitKNnbtB9Wh77%2Fmb9aT%2Fg1PMy0LU5t1OTIMWgmX13NqW0cZcaurI5KcS5UUyqxpIBAkk3ujQUzaw0lJU9%2BmR%2FgHA7GHgGlxFgw%2Bm2IerZ6WQ%2FoYIAhANoNTE8wxDN%2F4fAOE8xT%2B1ArhXWQV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de8e43b2-EWR
expires: Sat, 10 Aug 2024 06:42:41 GMT

GET
H3 200 what-is-ovarian-torsion.webp
a.svetzdravlja.org/health/ 38 KB
39 KB 503ms
501ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/what-is-ovarian-torsion.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c2f8e08244f1e7d91ac74f8b74600e5252f6f29a5e90e370baf6e2ffcf39ed

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 39302
last-modified: Sun, 11 Sep 2022 10:19:07 GMT
server: cloudflare
etag: "9986-5e8641bfb2bd2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XjL3xNbViabqPX16Qdo6b6G9oyx9l6AUFTNKicAXEiOhCYEEBrVUGTe0hfgWDCSomiRc33bFvCVIrNRYdLvCSH5%2FS6%2Fsb1mBXpijk9IComreXmI65aUQ0MGHb1vAY417MxwJvSr3YomYBmrwapUTCEU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9143b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 como-limpar-menina.webp
a.svetzdravlja.org/healths/ 37 KB
37 KB 318ms
316ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/healths/como-limpar-menina.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3887e502f06eaf523d059c14c600d10c555a8f0f8df4cfd5eae07ff03c03c12

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37620
last-modified: Sun, 11 Sep 2022 11:21:25 GMT
server: cloudflare
etag: "92f4-5e864fac4bf94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxfFoN90qBDrKrmdb%2BuAAl7zlL%2Fu8F1ZpwxVaheaLbEr6hHHuFh2BIfWOBpgz8sp%2FRAFekreqhfhp0D4pvUkrHly0q9FdSZxuB5PDwB6cgg5ix8oDiBLHYZ%2FtpDWeE%2BqVY%2B1l1zhPAiTzOIlj7%2F7eNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9243b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 body-lice-1.webp
a.svetzdravlja.org/medical/ 15 KB
16 KB 327ms
326ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/medical/body-lice-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2addd267aaa8138ebfd55a43f9a7e93a074130f169f9fe8d90fc1b031fcc868

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15748
last-modified: Sun, 11 Sep 2022 10:53:03 GMT
server: cloudflare
etag: "3d84-5e8649558e86d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAEyYZLSfoPwpC73rOr9soIszDl2W5%2FSsCDN2ZGkQ0CSqRgL%2B%2BXLGnNC4gVNI%2Bom59PXu9Bq2BO%2FfmtMI6P1NXVKRuNIxyqllI3y8iDMvt4aG0PoGYOwwuDiaOYjLRLLmMFHAb%2F58rgxFAyK9HJKXrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9343b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 tennis-elbow.webp
a.svetzdravlja.org/health/ 9 KB
9 KB 218ms
217ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/tennis-elbow.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f87a7f176f339c8129e8d7c500db05cc54da32f93beca1a48589ff4dc13dd9ad

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9204
last-modified: Sun, 11 Sep 2022 10:23:59 GMT
server: cloudflare
etag: "23f4-5e8642d5d93a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePVoKd8w4%2BmIpDhFVgMRTz0wf7jlpj68%2F3F6g6L1jy2osU4uhipeTW2RJUT9stqgxUatx0kDmiDqEm7JnV5toautZNb23vnTKeQVhHza%2FaboQzPc4a9I%2FyWprgU9dBdz3HgFgOmOlZVZQMAGYIX2tQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9543b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 crazy-talk-is-my-anxiety-around-covid-19-normal-or-something-else-1.webp
a.svetzdravlja.org/health/ 34 KB
34 KB 340ms
338ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/crazy-talk-is-my-anxiety-around-covid-19-normal-or-something-else-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e09edc3dd35222fae5503bdb406f90c10eb20ee81da283135a3a2484c1aa8d9

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34320
last-modified: Sun, 11 Sep 2022 10:41:55 GMT
server: cloudflare
etag: "8610-5e8646d8ab88e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXyQ4n%2FA2ZDU%2BJq4JapeiHWVxFFkPVDEDMyXdXDq1vuUSn7BVEkHq1j%2BYMq3%2FYofxOCTs1TLWfgIr5L62ybmp7AqCsmcQ8WntnTXi1aJao8Dudf3SxnZ8ATBOy9btQ5GsvLy6%2F3tynMJGJn2jtwvCGM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9743b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 sore-throat-vs.-strep-throat-how-to-tell-the-difference-1.webp
a.svetzdravlja.org/health/ 24 KB
25 KB 369ms
368ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/sore-throat-vs.-strep-throat-how-to-tell-the-difference-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b140f3cb30e8010beb35e16a36fd68c7bae80aadedd58325620d97eccfb3b23

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25082
last-modified: Sun, 11 Sep 2022 10:42:05 GMT
server: cloudflare
etag: "61fa-5e8646e25a5e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPRp4VFpocjOMN54PfNGMGcG3xUvfGyaGiBSV6F2APezJeh%2BtkSvUS4Rg1L9FGzAbmD9mDMOTfjF8E%2BmXG68kw0bRZkk217Tsjta00YEHWBom8BPnPVMJYTC1pRWSSqtlotNNzAoMTu5%2Fig4a4r6vC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9843b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 i-tried-extreme-fasting-by-eating-once-a-day-heres-what-happened.webp
a.svetzdravlja.org/health/ 60 KB
61 KB 622ms
619ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/i-tried-extreme-fasting-by-eating-once-a-day-heres-what-happened.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc85be3ba448be36ed4c068c0d36cbaa185ba99099ced504b9292ade40106fc

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 61876
last-modified: Sun, 11 Sep 2022 10:35:10 GMT
server: cloudflare
etag: "f1b4-5e86455669e5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JYTCf7HTXwY6V%2BcsxZY%2BZ%2BV7o7CXYL3V0f4f3iXX1xoGPFyppaKnqozzmaaKotgehv6peGHO63parJ%2F0xEbwhkezFzhIMJNeEGPMNdLfiuRfXeHHJcXwBxrNpjrJ%2Bg40yJaVM4FegrTuGJE83kWSxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0de9943b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 a-guide-to-drugs-for-arrhythmia.webp
a.svetzdravlja.org/health/ 27 KB
28 KB 318ms
314ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/a-guide-to-drugs-for-arrhythmia.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb7b2505881bd95b346946898bac6e7d6a2de49f187a14b7be4dead0ff24cd0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 28038
last-modified: Sun, 11 Sep 2022 10:23:58 GMT
server: cloudflare
etag: "6d86-5e8642d5b93e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFFHKvZS%2BhWq%2F5US5iYZJVOA4JUfd74FtiIsQQwOp3WFbqkeTnkodYfGxh4IypA1BYaa5I6330bTeicKsQ3HFHEtGgMfxUWOvZeeMXvzmRcmwIQ2zQcnqk0vIYlbHO8ApJ4VIfNjj7bGk8v2ETS5nmM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0ee9e43b2-EWR
expires: Sun, 11 Aug 2024 03:14:28 GMT

GET
H3 200 vaginal-bleeding-between-periods.webp
a.svetzdravlja.org/health/ 16 KB
17 KB 715ms
710ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/vaginal-bleeding-between-periods.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2470ae8b108eb33b27393643dd99c21a695e8f60ea4918fbdb88fc4652701350

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16622
last-modified: Sun, 11 Sep 2022 10:36:57 GMT
server: cloudflare
etag: "40ee-5e8645bca2a75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoiqRDIv3%2BLl9zWtYS5eWt90dvb3yOUO8RJa%2BoWlyv568WkVw%2BRTeqZEiegDSNYk7TpcIOgFkAasV5MK5SHUIJUtplZNdGOyA0YmtfXQ%2FnWJUPu9dZDaHh7p3VW1CelpW9FLCdhyP3Az17BF4Vh%2BYDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0eea043b2-EWR
expires: Sun, 11 Aug 2024 03:14:29 GMT

GET
H3 200 rocket-loader.min.js Show response
vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 29ms
28ms Script
application/javascript 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Jul 2024 21:56:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66a9617e-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UpB2asUv4EBlRXIK1gUCHsvNjA%2F0%2B7cQPyTixMzqc7tKsollpdrsA%2FU9%2FalqB3BdZvkBRI%2BfLylaJQrf4Njb6o89uAxeXzOu25TJX0ssTRlDhthwbEaNx7hpM7erPQ43jBW5wO03OG05OAeaHsKGvoLPZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8adb609fed9543b2-EWR
expires: Tue, 06 Aug 2024 03:14:28 GMT

GET ep_naturalwhite.png
svetzdravlja.org/template/history/img/ 0
0

GET
H3 200 act-fast-to-recognize-the-signs-of-a-stroke.webp
a.svetzdravlja.org/health/ 31 KB
31 KB 1004ms
1000ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/health/act-fast-to-recognize-the-signs-of-a-stroke.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5650e583c20170db94114fbd4dc93a8fa0e5468097cde473829a10b8a56ceac2

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31406
last-modified: Sun, 11 Sep 2022 10:25:35 GMT
server: cloudflare
etag: "7aae-5e86433176d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNjmr1g5rqpoVUpR%2BCPvR4YxwsRr3rg2MJkjFFYG05iWWh%2FaAPgjU07JX2I4kiFTneKWIImDOJmJsS5SCOcn1TNl4ddLbo8mxbQ8hJoMjIMqvsRB4s3nFYC9VoVeRBVsm%2Ffnut3LkQPIlfT8zh1Ok7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0eea243b2-EWR
expires: Sun, 11 Aug 2024 03:14:29 GMT

GET
H3 200 top-12-health-benefits-of-sea-buckthorn-oil-1.webp
a.svetzdravlja.org/nutrition/ 33 KB
33 KB 848ms
844ms Image
image/webp 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.svetzdravlja.org/nutrition/top-12-health-benefits-of-sea-buckthorn-oil-1.webp
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7f88b21398b529c128679569bdbc34f46f55a244ab545d3e9f155b3b195ab7

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33480
last-modified: Sun, 11 Sep 2022 10:16:22 GMT
server: cloudflare
etag: "82c8-5e864122c2f85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZU0dQHY13RaQxTRnzJfL1WglgwrkrEYYIyp9TuCnwsZjj3G1l4uzT4gSAV3OD2UTGSJetC%2Fdbq%2FWRe142uo1Ty9hPJgTghEKqFw1eL2LMW%2BTXKVd99wAfMmjonzry2JpVnQFyEXcR4cgZpkkHxQB9Gc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 8adb60a0eea643b2-EWR
expires: Sun, 11 Aug 2024 03:14:29 GMT

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 scripts.js Show response
svetzdravlja.org/template/history/js/ 177 KB
61 KB 34ms
31ms Script
application/javascript 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svetzdravlja.org/template/history/js/scripts.js
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73907
cf-polished: origSize=181106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Dec 2022 09:08:25 GMT
server: cloudflare
etag: W/"2c372-5efee4fe1e215"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmUeqnWE%2BAHKVYxPwdzkWcwvo%2F%2BFvNLM0XhrGE0waBVFDBKC9zxpG%2Fi6Lrklf3bGL%2FTrMaD%2BddKe7jxSmytUpwzT5%2FfN4fC5sv0%2BIOGWkJnG1U8Yalvk35KV16Syew14HnC6CgvDFWS4ueNpigFl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8adb60a0eea843b2-EWR
expires: Sat, 17 Aug 2024 06:42:41 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/9f441e8a-040f-4f28-abe5-3d524b146cc2/ 222 KB
48 KB 83ms
18ms Script
application/javascript 2600:9000:250b:fe00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/9f441e8a-040f-4f28-abe5-3d524b146cc2/plugin.min.js
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:250b:fe00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61517efd19dad73a9201ec48a47096882f768882c425637b3e73b1b4c9b27a6a

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 10:29:22 GMT
content-encoding: gzip
via: 1.1 a85e1510327226089dfd77f1b1c39ad8.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2024 07:18:10 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P4
age: 60307
x-amz-server-side-encryption: AES256
etag: W/"fb48679a132bef4bd2866bab007fd9a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: LgEc7BYKJxGRq_5a4t8x40bI_XjuZyodyKIJUprsf1WGityKuf1aLw==

GET
H2 200 38a4ad26-9374-4021-8908-09b23b5e04b5.min.js Show response
cmp.optad360.io/items/ 509 B
904 B 129ms
15ms Script
application/javascript 2600:9000:2009:3800:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/38a4ad26-9374-4021-8908-09b23b5e04b5.min.js
Requested by: Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:3800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d55476038dfe34a53d1e5be0d78fa70b2dde6720d622be9ff8b9c9008b0de52

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 08:14:41 GMT
via: 1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 07:18:57 GMT
server: AmazonS3
x-amz-cf-pop: IAD66-C2
age: 68644
x-amz-server-side-encryption: AES256
etag: "381c4f6280220ef32c8f220972fdfaab"
vary: Accept-Encoding, Origin
x-cache: Error from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 509
x-amz-cf-id: mDP3pTUCdiq5Nzf6W1kTQWnyqgpmBG-6b_F1sRDnZtDrrZu5RAHnEw==

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 366 KB
105 KB 459ms
155ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0c5127802c22453a294aa96710135b20f9b8e2a0eab6ba1baf2cc733804fa6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag: "d91e3507ac621b3a7aa25b66afe9adca-1078815"
x-yandex-req-id: 1722741268994849-3118258803143676311-balancer-l7leveler-kubr-yp-sas-113-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 04 Aug 2024 04:14:29 GMT

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 805ms
51ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.7011522256889386

Requested by

Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits: 0
strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 04 Aug 2024 03:14:30 GMT
last-modified: Tue, 07 May 2024 17:47:02 GMT
x-timer: S1722741270.382217,VS0,VE38
etag: "5192776ee81d109741ecd353d9f00d8e72a8be2eb4295ad0769ef002fbf30768-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-lga21952-LGA

GET 1duwt.min.js
www.bigmp3db.com/ 0
0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 563ms
276ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: vi2.svetzdravlja.org
URL: https://vi2.svetzdravlja.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

45ff80f391287f67ec258130a70558da6de6e80d3cacd9eaea331f9546fc2260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66acb3b2-11609"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71177
expires: Sun, 04 Aug 2024 04:14:29 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 381ms
184ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 33f2d9e02fe55320
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Aug 2025 09:01:15 GMT

GET
H2 200 578125cc81382e63366e.js Show response
yastatic.net/partner-code-bundles/1078815/ 43 KB
13 KB 550ms
357ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1078815/578125cc81382e63366e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aa16b486a4ae572277b7125537e3447abe8ad09b5e183a581e9abab8c3fd0303

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 12503
last-modified: Thu, 01 Aug 2024 16:05:28 GMT
server: nginx/1.17.9
etag: "bf4220eee0306cb5d1fafc7be0d1a38f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 04 Aug 2054 09:48:03 GMT

GET
H2 200 778e6befeb4edd0bc683.js Show response
yastatic.net/partner-code-bundles/1078815/ 24 KB
8 KB 549ms
356ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1078815/778e6befeb4edd0bc683.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f74455c7053aa2145e2bddbb746c7f7fdb45b4648c08c13d999f017ae938a1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7948
last-modified: Thu, 01 Aug 2024 16:05:29 GMT
server: nginx/1.17.9
etag: "7818b159c1cef00bb6cfd387c439bc9e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 04 Aug 2054 09:48:03 GMT

GET
H2 200 f5458ab720ff4e7c06c3.js Show response
yastatic.net/partner-code-bundles/1078815/ 617 KB
112 KB 447ms
255ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1078815/f5458ab720ff4e7c06c3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4575a7c6808149fd31a9ce1713fb636b1005af7d52d7ab7e570b6166b20ed500

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 114397
last-modified: Thu, 01 Aug 2024 16:05:29 GMT
server: nginx/1.17.9
etag: "0608bd3a85f96e289ec45042fa7cf8bb"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 04 Aug 2054 09:48:03 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 548ms
357ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 04 Aug 2054 09:48:03 GMT

GET
H2 200 128a30fe7f7ddf9a03ad.js Show response
yastatic.net/partner-code-bundles/1078815/ 122 KB
24 KB 548ms
357ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1078815/128a30fe7f7ddf9a03ad.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8ed978e2e8b8e8f943714ac6ac0bd84fc548541ae09cb266c4d1209f1e5df9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://vi2.svetzdravlja.org/
Origin: https://vi2.svetzdravlja.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24311
last-modified: Thu, 01 Aug 2024 16:05:28 GMT
server: nginx/1.17.9
etag: "ab0b94b66de8b95f44d9fb5313d89659"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 04 Aug 2054 09:48:03 GMT

GET
H3 200 favicon.ico
svetzdravlja.org/template/history/img/ 1 KB
842 B 21ms
21ms Other
image/vnd.microsoft.icon 2606:4700:3032::ac43:9930
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://svetzdravlja.org/template/history/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9930 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3d12cdeac1ff842d262788e151b8327f108b15f0d261ca0d388d24d9a8a785

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80999
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 16 Dec 2022 09:08:23 GMT
server: cloudflare
etag: W/"503-5efee4fcd15b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNGK6VIKKBiTOAdkJLwxOZU9u3Ewfqq%2Bi1VZkenand0ci5aR6gUXP63C9NfbszbmBCPL8S7zcJ30xLLblu8yUMcZk7YqXHVcZSbjizTn6i9gsyBMMrgcbXsM5k27D3%2Fl0K4hpoab88iuC9SMiiC%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 8adb60a7dd8a43b2-EWR
expires: Sat, 10 Aug 2024 04:44:30 GMT

GET
H2 200 pub-2382012522979108 Show response
fundingchoicesmessages.google.com/i/ 202 KB
67 KB 94ms
58ms Script
application/javascript 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-2382012522979108?ers=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/9f441e8a-040f-4f28-abe5-3d524b146cc2/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c542664cecfff7bb78c7d27f65b9ac5e1bc6ee8c0074dbedb7fd51e7aaa831b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HMADO1YRHHk1mWZtlQAZug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-HMADO1YRHHk1mWZtlQAZug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxMMx9cnurWwCJw4e7GdW0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwMDDUMzCJLzAAAMC7QtM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 135ms
88ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/9f441e8a-040f-4f28-abe5-3d524b146cc2/plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2efebb03875dc4bd0e3d3685b726cce52c7b3721e03b61db15cf586a1f379d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32057
x-xss-protection: 0
server: cafe
etag: 47 / 19939 / m202407300101 / config-hash: 7165670400735415214
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Aug 2024 03:14:29 GMT

GET
H2 200 prebid8.20.2.js Show response
get.optad360.io/assets/js/ 510 KB
164 KB 17ms
16ms Script
text/javascript 2600:9000:250b:fe00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/9f441e8a-040f-4f28-abe5-3d524b146cc2/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:250b:fe00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 21:08:12 GMT
content-encoding: gzip
via: 1.1 a85e1510327226089dfd77f1b1c39ad8.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P4
age: 16524378
etag: W/"643c66a3d7b92031d1740b1b750e096d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: _w4DRaXGeDqoGSD33bX57pEmEWF8RU8tp9qOyW7QJPxYPGJjPHjTzg==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
8 KB 121ms
11ms Image
image/svg+xml 2600:9000:24f0:f200:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:f200:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 22:54:23 GMT
via: 1.1 84fd743af5e8639c32332cec06beef46.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
age: 18764407
etag: "b0a3aa2e09d4ddd83150d7bd3347c5c0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
accept-ranges: bytes
content-length: 7419
x-amz-cf-id: IElbz1E__7DD1lYjHLjMEf9kknwColjkY8d3muyv_nuFXE55TGsEUA==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 29ms
11ms Fetch
application/json 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240803

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e382c0c5e84e43c13f1d7d8b731184fba050db1145208e9f061b8a8d737338f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 04 Aug 2024 03:14:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 40421
x-jsd-version: 1.0.2137
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 728
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21958-LGA
x-jsd-version-type: version
etag: W/"63b-GAdh6LazzZdA05rsRD+49RAiTCY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 96ms
20ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 03:14:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 24 Jul 2024 09:04:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 929332
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waLXaO7CFunbU2ssp1j7alucZK473k7H%2FXKS2edNyzpwvkH7a7aULZps3Is7tLMoo2HAuyABhaiGz3zUD6f2ewewNM1IsFHFp4KPtI%2BPxEDGVzaks1ZF2l7LFgajNGP8lWNw%2BNVfKz4Ri0cV"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8adb60a98e11c337-EWR

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 54ms
18ms Fetch
application/json 147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 6b08d117ecfd2a0331c1ece0455cf16d2d713ccff3f8f0252b88a10937e94f80

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 498

POST
H3 204 pbjs Show response
useast.quantumdex.io/auction/ 0
278 B 103ms
40ms Fetch
application/json 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://vi2.svetzdravlja.org
access-control-allow-credentials: true
cf-ray: 8adb60a94d104346-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 281ms
87ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi2.svetzdravlja.org
date: Sun, 04 Aug 2024 03:14:30 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
178 B 514ms
129ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi2.svetzdravlja.org
date: Sun, 04 Aug 2024 03:14:30 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 506ms
129ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi2.svetzdravlja.org
date: Sun, 04 Aug 2024 03:14:30 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H3 204 pbjs Show response
useast.quantumdex.io/auction/ 0
241 B 87ms
46ms Fetch
application/json 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://vi2.svetzdravlja.org
access-control-allow-credentials: true
cf-ray: 8adb60a94d0d4346-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 29ms
16ms Fetch
application/json 147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 3d436d8f048cb56304cce449b255d935121e60e4e0cfa0fac211b256ecef5245

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:29 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 499

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
183 B 260ms
86ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://vi2.svetzdravlja.org
date: Sun, 04 Aug 2024 03:14:30 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/ 473 KB
148 KB 26ms
25ms Script
text/javascript 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

612b2f37cd260cc286f109fed7a48e61d145a494834e3a34216006cea4e84794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 01:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6718
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151010
x-xss-protection: 0
server: cafe
etag: 12537848118680316156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 04 Aug 2025 01:22:31 GMT

GET
H2 200 AGSKWxUNM4eqy2AggQoIBl5mfc0duG8qgGIB0bX-_5PoJ4ytRRryYmz6m_pAtFMPm6WFG-Q1UkeGmyr9BZZlu-sV5V2EdBA4Z-MqiFnVIj07EH0NFiIqUK2pJFzRGzBNySRiPFXqQBk= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 71ms
69ms Script
application/javascript 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUNM4eqy2AggQoIBl5mfc0duG8qgGIB0bX-_5PoJ4ytRRryYmz6m_pAtFMPm6WFG-Q1UkeGmyr9BZZlu-sV5V2EdBA4Z-MqiFnVIj07EH0NFiIqUK2pJFzRGzBNySRiPFXqQBk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNzQxMjcwLDE0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3ZpMi5zdmV0emRyYXZsamEub3JnLyIsbnVsbCxbWzgsImpEcTNoSlRzNlZzIl0sWzksImVuLVVTIl0sWzIyLCJ0cnVlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sbnVsbCw5XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jDq3hJTs6Vs.es5.O/am=Phg/d=1/rs=AJlcJMyixEYn4WAEJYnm7WVKWKEYTuw63w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48a8d37a2a480859746972713d4af29b9340e697f9903b35665088f186b546a1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2ZnTTgZoKHUKWDIgz5-mKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2ZnTTgZoKHUKWDIgz5-mKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0x7cnurWwCB55vVlLSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwMNQzMIkvMAAAe6ZCcg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 44ms
17ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 8adb60a9f9aa72b3-EWR
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 71 KB
22 KB 167ms
148ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 04 Aug 2024 03:14:30 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 24 Jul 2024 09:04:04 GMT
Server: cloudflare
ETag: W/"5d2d2036b561962f40bb380b9e37a03c"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6f7BT70ER098FwbhWzivJbZXDJKpx20JHB4AWtaqtQb5O5JE%2F7hWggtJoX9rleohJOmDDuhA935N2ObEkAshPcIGhVdHyHn9inLUoIjDMKNUuzyZdevn9K8iCr6A8gYiYPIsv4bhfIRgfu%2BH"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8adb60a9e9140ca5-EWR

GET
H3 200 121764058 Show response
fundingchoicesmessages.google.com/i/ 202 KB
65 KB 56ms
56ms Script
application/javascript 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/121764058?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f0afcb31f1cdd116a67ce09330292c8a282c107b712ff91d8743074a0ef12f8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Fqh3eyhERnjmAq8_nsECjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Fqh3eyhERnjmAq8_nsECjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0AYneti6z-QLwk4iLrgcSLrAcfX2Q9CcSGCpdY7YF4ev0l1vlALMTNMe3J7q1sAhfurPdU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjGwMDDUMzCJLzAAAKflR7I"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXAOi5EFkEn5ISf9fmxitLcxSgY3kqN1pKZ-q6I1jeUkFYKcj7GKlmKCXrKxlPccp1G6Ec3FiTdtsGDWFKU4RC_hBOlwPch_DJd2kRgM8gCDgaxNjtiBMLyMztiwmfIg0QbBWQ= Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 58ms
58ms Script
application/javascript 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAOi5EFkEn5ISf9fmxitLcxSgY3kqN1pKZ-q6I1jeUkFYKcj7GKlmKCXrKxlPccp1G6Ec3FiTdtsGDWFKU4RC_hBOlwPch_DJd2kRgM8gCDgaxNjtiBMLyMztiwmfIg0QbBWQ=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNzQxMjcwLDEzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdmkyLnN2ZXR6ZHJhdmxqYS5vcmcvIixudWxsLFtbOCwiakRxM2hKVHM2VnMiXSxbOSwiZW4tVVMiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSxudWxsLDldIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ee638688e5719cd80dfa94c6860c98dd765a8d435ece4d7c26931fe07af6418

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UAwv1m2JwwySkvb1PSPbtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-UAwv1m2JwwySkvb1PSPbtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxM0x7cnurWwCD7Z1hyhpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgYGOoZmMQXGAAAd-NCZw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame A18C 0
0 66ms
23ms Document
text/html 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28869
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 02:55:19 GMT
expires: Sun, 04 Aug 2024 03:45:19 GMT
last-modified: Mon, 29 Jul 2024 19:44:55 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 69ms
11ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:41:37 GMT
content-encoding: gzip
age: 862373
x-guploader-uploadid: AHxI1nM_huqvod6ldVjan8ePVHl-P4wTKeWDSYaWwoDM7PsrEOxhCRXxzY6t0jrS-xNuVs0u8A4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 25 Jul 2025 03:41:37 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 56ms
22ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Aug 2024 03:14:30 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 41 KB
12 KB 92ms
13ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 20:00:10 GMT
content-encoding: gzip
via: 1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 19:29:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 26061
x-amz-server-side-encryption: AES256
etag: W/"3abe05c75d17416205a8d140e793bf74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: U4Pd4hSuD_chlUOusYiOgwunsUYReZSD7LCAR6zkOWtBmpEUJjKYHw==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 147ms
98ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
via: 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ad018dec45a04aa87ce5030b02d3c9b9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 95 KB
28 KB 52ms
22ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7025cecb41913f88ba75bff87fae88028e1ee78cf4a375091c217f3e3950ea8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jun 2024 08:15:00 GMT
server: cloudflare
x-amz-request-id: VDRBZHH0W5JDTN2D
age: 1099
etag: W/"3d8396f35fd4c6387c69fe6503afbacd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8adb60ab6c014213-EWR
x-amz-id-2: njqJ2sBWmhvei4uM+cq6cUy3a8W1TGEYSlm+Is9yMRVkyC1KU05V7ktWTaKfDmOK3brJqx5oOY5MerXIjErv6g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
4 KB 107ms
12ms Script
text/javascript 2600:9000:2511:7a00:a:e047:754:6941
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:7a00:a:e047:754:6941 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 0u1R0tyw.MUCZY63NwBE.7D35dRY5mh8
Date: Sat, 03 Aug 2024 16:30:10 GMT
Via: 1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
Last-Modified: Wed, 31 Jul 2024 16:30:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P6
Age: 38661
x-amz-server-side-encryption: AES256
ETag: "0537d8d06dd9dfbe911ad6bf6504f4bf"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3181
X-Amz-Cf-Id: DFyerr_9OhUDyhuPVkUG9QR3zcnx-aw0PgtGKn2yjyUQpmvgWRWdyA==

POST
H3 204 AGSKWxVW17w5hwtSOt9nqfpxVZuwleQH-R2s3U5rSLXR7S6h1s80tDVmxXui9VAc6pciv7sJo2RKxc1O4N7vV_0SlGJckTypJLQ3p1TDwLmRwaxH47L-2Y3wzGtF-7fi_-ZT91djoDQ= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 71ms
37ms XHR
text/html 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVW17w5hwtSOt9nqfpxVZuwleQH-R2s3U5rSLXR7S6h1s80tDVmxXui9VAc6pciv7sJo2RKxc1O4N7vV_0SlGJckTypJLQ3p1TDwLmRwaxH47L-2Y3wzGtF-7fi_-ZT91djoDQ=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dHpYanN_JlK27cLhYo_s-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dHpYanN_JlK27cLhYo_s-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmII0JBicEqfwRoExJ8fn2P9DcTuWhdZ_YF4ScRF1kOJF1mn119inQ_EQjwc057s3somsKC5bzOjkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxsDAw1DMwjy8wAABaCTH9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVW17w5hwtSOt9nqfpxVZuwleQH-R2s3U5rSLXR7S6h1s80tDVmxXui9VAc6pciv7sJo2RKxc1O4N7vV_0SlGJckTypJLQ3p1TDwLmRwaxH47L-2Y3wzGtF-7fi_-ZT91djoDQ= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 65ms
32ms XHR
text/html 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVW17w5hwtSOt9nqfpxVZuwleQH-R2s3U5rSLXR7S6h1s80tDVmxXui9VAc6pciv7sJo2RKxc1O4N7vV_0SlGJckTypJLQ3p1TDwLmRwaxH47L-2Y3wzGtF-7fi_-ZT91djoDQ=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bqu3BRJa7iwEDxCxyZy5QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-bqu3BRJa7iwEDxCxyZy5QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw1JBicEqfwRoExJ8fn2P9DcTuWhdZ_YF4ScRF1kOJF1mn119inQ_EQjwc057s3somcODVz42MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwMLAUM_APL7AAACbojLm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVS_nNtyJ7XB1t9xSrJgnS9XiRyFYedivYS03aHnzWOaJwFJ1xEEifAbcrlbp5HfoTy5xmATKQ8k602pZGF3o6Ck-G5FOux53Qg4APivyKQeSnHbRxblGs6-kBYnssHLiI1VyI= Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 67ms
65ms Script
application/javascript 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVS_nNtyJ7XB1t9xSrJgnS9XiRyFYedivYS03aHnzWOaJwFJ1xEEifAbcrlbp5HfoTy5xmATKQ8k602pZGF3o6Ck-G5FOux53Qg4APivyKQeSnHbRxblGs6-kBYnssHLiI1VyI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIyNzQxMjcwLDMyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwyXSwiaHR0cHM6Ly92aTIuc3ZldHpkcmF2bGphLm9yZy8iLG51bGwsW1s4LCJqRHEzaEpUczZWcyJdLFs5LCJlbi1VUyJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjhdLG51bGwsOV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b179e7220eb7bce4ddae6838bf948fdbe2aa2773a9d1a193bc5fb999da974e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D5eNrh0OllP00nvdgaTCUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-D5eNrh0OllP00nvdgaTCUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxMMx7cnurWwCF5Yu2cKopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgYWCoZ2ASX2AAAL-FQsg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
620 B 80ms
30ms XHR
application/json 100.24.111.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.111.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-111-98.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3049c898d62c4630d3114c56488e9286a069ff580c7ac8ce85fad5bf312f8426

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 03:14:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache
x-server: 10.40.57.241
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 283ms
90ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://vi2.svetzdravlja.org
date: Sun, 04 Aug 2024 03:14:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H3 204 AGSKWxXt32e1R5YCyop1RPL-uPzUD1FegMvmZUGVsG9d-0K0DWnNUOV-jBhb62_cChc2XvOJmYrgX3fLWhQHCL8DKe7N1P9L6x-oBvC0hxQCfQIHTa0eTfkRZOb2aspAza9RY-kC6Xk= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
36ms XHR
text/html 2607:f8b0:4004:c1d::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXt32e1R5YCyop1RPL-uPzUD1FegMvmZUGVsG9d-0K0DWnNUOV-jBhb62_cChc2XvOJmYrgX3fLWhQHCL8DKe7N1P9L6x-oBvC0hxQCfQIHTa0eTfkRZOb2aspAza9RY-kC6Xk=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3_GXI0LwwNG8M1NDjjf7OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3_GXI0LwwNG8M1NDjjf7OQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmJw0gDi9BmsQUD8-fE51t9A7K51kdUfiJdEXGQ9lHiRdXr9Jdb5QCzEwzHtye6tbAIHPq87yajkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAwsDAz1DMzjCwwAjBkytQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10450.p1AWLEjPrM8esGA_Ii0JfxQdBd_Wf30GZQtdkm7qTJ1y_PYdt4fxI1Q1_twv4f8Y.-9EffAk2SZbHtsOs28SJZUzeA40%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10450.33Hh73cpMDrd3gkE0fD_VUCbrUwbE13sicUIWPfXNETdE8fxaDCLKT9E7Nhnz2ianJyrS411eTzWPV_s21cwKqMP0UvYG8RlNfaCo2CgiaFiPV2KHzQ5xYMT1YvEHhLtTQD1r3-zdZ...

43 B
706 B

144ms
143ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10450.33Hh73cpMDrd3gkE0fD_VUCbrUwbE13sicUIWPfXNETdE8fxaDCLKT9E7Nhnz2ianJyrS411eTzWPV_s21cwKqMP0UvYG8RlNfaCo2CgiaFiPV2KHzQ5xYMT1YvEHhLtTQD1r3-zdZteNfiXzskn10uRE83lNY2BBx_Wf5N7qUZ-v22wu2soKjb2k-8ic9DsZtiLp0EpROyPQ0LY6uABweAm3uU0brlRzvBv-COCfzU%2C.ZaqwLCL_5ensiKLVnX9cd0QinFE%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 03:14:30 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10450.33Hh73cpMDrd3gkE0fD_VUCbrUwbE13sicUIWPfXNETdE8fxaDCLKT9E7Nhnz2ianJyrS411eTzWPV_s21cwKqMP0UvYG8RlNfaCo2CgiaFiPV2KHzQ5xYMT1YvEHhLtTQD1r3-zdZteNfiXzskn10uRE83lNY2BBx_Wf5N7qUZ-v22wu2soKjb2k-8ic9DsZtiLp0EpROyPQ0LY6uABweAm3uU0brlRzvBv-COCfzU%2C.ZaqwLCL_5ensiKLVnX9cd0QinFE%2C
date: Sun, 04 Aug 2024 03:14:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
595 B 150ms
150ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 03:14:30 GMT
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66acb3b2-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 04 Aug 2024 04:14:30 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 143ms
86ms XHR
application/json 2607:f8b0:400d:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3600fd7b6232190c7449938836c4ace1f8221a9f61c25f348b90f811a5c5660a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12935
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 889 B
444 B 111ms
110ms Fetch
text/plain 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2530319872982434&correlator=2166360824759043&eid=31079956%2C31085719%2C31084270%2C31085721%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407300101&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22612148122%2Csvetzdravlja.org%2Csvetzdravlja.org_o3b_display_sf_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722741270496&lmt=1722741270&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&vis=1&psz=0x-1&msz=700x-1&fws=640&ohw=0&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDA5YTZhZDljLTk4ZTQtNDdkMC1iYWZiLTNiNTIxMWNkNjAyZlgBEhoKDWNyd2RjbnRybC5uZXQSABi_z4bbkTJIABIdCg5lc3AuY3JpdGVvLmNvbRjEzYbbkTJIAFICCGQSFwoIcnRiaG91c2UY_86G25EySABSAghqEhQKBW9wZW54GLnOhtuRMkgAUgIIbxIZCgp1aWRhcGkuY29tGMXNhtuRMkgAUgIIZBIbCgxpZDUtc3luYy5jb20Yxc2G25EySABSAghk&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722741268274&idt=1795&adks=3827493818&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2978b8f673a170443e5459259a5b1f1d79275849cb8cbc73b16faec666fe51c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D68B 0
0 101ms
24ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 03:14:30 GMT
expires: Sun, 04 Aug 2024 03:14:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 808 B
371 B 123ms
123ms Fetch
text/plain 2607:f8b0:400d:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2530319872982434&correlator=2166360824759043&eid=31079956%2C31085719%2C31084270%2C31085721%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407300101&ptt=17&impl=fif&gdpr=0&iu_parts=121764058%3A22612148122%2Csvetzdravlja.org%2Csvetzdravlja.org_o3b_display_adi_o3b_atf&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C728x200%7C970x90%7C970x100%7C970x250%7C970x300&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1722741270530&lmt=1722741270&adxs=436&adys=210&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&topics=1&tps=1&htps=10&a3p=EjQKCnB1YmNpZC5vcmcSJDA5YTZhZDljLTk4ZTQtNDdkMC1iYWZiLTNiNTIxMWNkNjAyZlgBEhoKDWNyd2RjbnRybC5uZXQSABi_z4bbkTJIABIdCg5lc3AuY3JpdGVvLmNvbRjEzYbbkTJIAFICCGQSFwoIcnRiaG91c2UY_86G25EySABSAghqEhQKBW9wZW54GLnOhtuRMkgAUgIIbxIZCgp1aWRhcGkuY29tGMXNhtuRMkgAUgIIZBIbCgxpZDUtc3luYy5jb20Yxc2G25EySABSAghk&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722741268274&idt=1795&adks=3909636910&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c04::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a21acfd6c341098d704d6fd9377222c57033523cc7c4ea1c4443c6dc69dd9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 79ms
24ms Script
text/javascript 2607:f8b0:400d:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Aug 2024 03:14:30 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30BB 0
0 64ms
22ms Document
text/html 2607:f8b0:400d:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 317985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jul 2024 10:54:45 GMT
expires: Thu, 31 Jul 2025 10:54:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9883 0
0 86ms
37ms Document
text/html 2607:f8b0:400d:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c1d::67 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K4HiN01mXuqpRgYXtDjDdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-K4HiN01mXuqpRgYXtDjDdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 03:14:30 GMT
expires: Sun, 04 Aug 2024 03:14:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 89A6 0
0 534ms
164ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1045
content-type: text/html
date: Sun, 04 Aug 2024 03:14:31 GMT
etag: "66acb3b2-415"
expires: Sun, 04 Aug 2024 04:14:31 GMT
last-modified: Fri, 02 Aug 2024 10:23:46 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/66105886/
Redirect Chain

https://mc.yandex.com/watch/66105886?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/66105886/1?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-...

457 B
707 B

144ms
143ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66105886/1?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A115294761069%3Ahid%3A985691729%3Az%3A-600%3Ai%3A20240803171430%3Aet%3A1722741270%3Ac%3A1%3Arn%3A784682912%3Arqn%3A1%3Au%3A1722741270390664671%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1805%3Awv%3A2%3Ads%3A0%2C0%2C220%2C191%2C998%2C0%2C%2C3%2C0%2C2753%2C2753%2C4%2C1745%3Aco%3A0%3Acpf%3A1%3Ans%3A1722741266869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722741271%3At%3ATh%C3%B4ng%20Tin%20Y%20T%E1%BA%BF%20V%C3%A0%20M%E1%BA%B9O%20S%E1%BB%A9C%20Kh%E1%BB%8FE%20B%E1%BA%A1N%20C%C3%B3%20Th%E1%BB%83%20Tin%20T%C6%B0%E1%BB%9FNg%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

08e197932645fe0c9537946d06fd4e9c09b88440a2b8211e646e1253d356b8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 03:14:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 04-Aug-2024 03:14:31 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 457
x-xss-protection: 1; mode=block
expires: Sun, 04-Aug-2024 03:14:31 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 04 Aug 2024 03:14:30 GMT
last-modified: Sun, 04-Aug-2024 03:14:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://vi2.svetzdravlja.org
location: /watch/66105886/1?wmode=7&page-url=https%3A%2F%2Fvi2.svetzdravlja.org%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6eeti2leh43xf0jxk8f3gy2jmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A115294761069%3Ahid%3A985691729%3Az%3A-600%3Ai%3A20240803171430%3Aet%3A1722741270%3Ac%3A1%3Arn%3A784682912%3Arqn%3A1%3Au%3A1722741270390664671%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1805%3Awv%3A2%3Ads%3A0%2C0%2C220%2C191%2C998%2C0%2C%2C3%2C0%2C2753%2C2753%2C4%2C1745%3Aco%3A0%3Acpf%3A1%3Ans%3A1722741266869%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722741271%3At%3ATh%C3%B4ng%20Tin%20Y%20T%E1%BA%BF%20V%C3%A0%20M%E1%BA%B9O%20S%E1%BB%A9C%20Kh%E1%BB%8FE%20B%E1%BA%A1N%20C%C3%B3%20Th%E1%BB%83%20Tin%20T%C6%B0%E1%BB%9FNg%202024&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 04-Aug-2024 03:14:30 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
14ms Preflight
application/json 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvi2.svetzdravlja.org%2F&domain=vi2.svetzdravlja.org&cw=1&pbt=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vi2.svetzdravlja.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Aug 2024 03:14:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 239960
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fvi2.svetzdravlja.org%2F&domain=vi2.svetzdravlja.org&cw=1&pbt=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=7mDjlnxCR0Q5bUJrVjhkTHlId1FXQUlmeVNMa0o2V1pKbkgrNk10Smc4SG5JL21NMGthVTFtRkQrcG81dE1GbkNlZm10OXQrTm03azlGNkNXNGRpbnVEbnhGcURpNkNRY29pZVlZZSszUjVPUEZ3bzg2TXVJRmZVU2x3SX...

354 B
642 B

59ms
21ms

Fetch
application/json

74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7mDjlnxCR0Q5bUJrVjhkTHlId1FXQUlmeVNMa0o2V1pKbkgrNk10Smc4SG5JL21NMGthVTFtRkQrcG81dE1GbkNlZm10OXQrTm03azlGNkNXNGRpbnVEbnhGcURpNkNRY29pZVlZZSszUjVPUEZ3bzg2TXVJRmZVU2x3SXdkWCtYYi85ZTJWOVVzeE5iK3BwM2FxVGVnaFJpUWZPQzhYc1I0OG1sYURnUkhaLyt6NDJjR0h0UEU0SkorTVE2dDY2RTdEQXVxb2NhVHVxTW96MEFmZGVURm43VExPUDl4VE9VamJzdHdtZGp6RHMxT0tpTEhCb1NxL1EzMTVvODBtaGdMMWRFeXJTVXpNOUx1eW9vNkJ5ajlERkxndz09fA&cppv=2

Protocol

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

0d7daafea91b489748249b1e545f46e4295f9ceb01183c1c40eeae0048425c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Aug 2024 03:14:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 532351
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Aug 2024 03:14:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://vi2.svetzdravlja.org
location: https://mug.criteo.com/sid?cpp=7mDjlnxCR0Q5bUJrVjhkTHlId1FXQUlmeVNMa0o2V1pKbkgrNk10Smc4SG5JL21NMGthVTFtRkQrcG81dE1GbkNlZm10OXQrTm03azlGNkNXNGRpbnVEbnhGcURpNkNRY29pZVlZZSszUjVPUEZ3bzg2TXVJRmZVU2x3SXdkWCtYYi85ZTJWOVVzeE5iK3BwM2FxVGVnaFJpUWZPQzhYc1I0OG1sYURnUkhaLyt6NDJjR0h0UEU0SkorTVE2dDY2RTdEQXVxb2NhVHVxTW96MEFmZGVURm43VExPUDl4VE9VamJzdHdtZGp6RHMxT0tpTEhCb1NxL1EzMTVvODBtaGdMMWRFeXJTVXpNOUx1eW9vNkJ5ajlERkxndz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 239026
content-length: 0
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
570 B 49ms
16ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: efb80b767a206fe96307befdcac72ad68a959c729a3b2d820dde1d9fbfcab81b

Request headers

Referer: https://vi2.svetzdravlja.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sun, 04 Aug 2024 03:14:33 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://vi2.svetzdravlja.org
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Tue, 03 Sep 2024 03:14:33 GMT

GET
H2 200 isyn
sync.a-mo.net/ Frame DF1E 0
0 161ms
21ms Document
text/html 125.253.89.176
SS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=CvsBShR2aTIuc3ZldHpkcmF2bGphLm9yZ1ILYWFzLTQ5NTdjZjVaCHBiYTEuMy4zahR2aTIuc3ZldHpkcmF2bGphLm9yZ_oBBjguMjAuMOgCAYgDleS7tQaoAzTqAyRiZTVjM2JjMC04MjYzLTRhNjUtYjA5OS0wMjIzNTI1MDY5YjKiBB1odHRwczovL3ZpMi5zdmV0emRyYXZsamEub3JnL6oEA0RDSLIFA1VTROoFB2Rlc2t0b3D6BQRkYzEzwAYAyAYBqgcDd2ViygcQc3ZldHpkcmF2bGphLm9yZ-AHAYIIEHN2ZXR6ZHJhdmxqYS5vcmeKCAZjaHJvbWU
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 125.253.89.176 , United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 655
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 03:14:32 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 4

GET
H2 200 pbjs
sync.quantumdex.io/usersync/ Frame 87EB 0
0 51ms
20ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8adb60bf9a608c1b-EWR
content-encoding: br
content-type: text/html
date: Sun, 04 Aug 2024 03:14:33 GMT
server: cloudflare

GET
H2 200 usersync
ssp.wp.pl/bidder/ Frame A4AB 0
0 380ms
127ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=14588848521226306000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Referer: https://vi2.svetzdravlja.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Sun, 04 Aug 2024 03:14:33 GMT
last-modified: Sat, 06 Jul 2024 10:13:42 GMT
server: nginx
vary: Origin,Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 93ms
19ms Preflight
application/json 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Aug 2024 03:14:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 203871
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: svetzdravlja.org
URL: https://svetzdravlja.org/template/history/img/ep_naturalwhite.png

Domain: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?45611ef

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407300101&jk=2530319872982434&bg=!lZalltnNAAZjy5caQ8s7ADQBe5WfOG1pP3DfcBWbctEKeNHRphpaEilz6Io4cQqS5nr7G1w5X6jAqakvDfNWPDLVTJQtAgAAAF9SAAAAGGgBB34ANgFRfqbVG8HYHx2b1EONgArzJXLqZBwgt8gHP63JC2313kKduBVC10Q3u-If3nGmPZk2qPSvDgoAfRI9gViglKhcmIA79WWCE8QnRfh6uN5NNW5ZANitB7ta3SWmVj6NKJWkfgUc5gIboY0WMCriuSw3gDPX697DFRSL0PMvyrnshuWjaxw0q9Lk9Vgdmd8yx53WQnxQaQDfAtd_dva0wya4Dd466BILrUiZ4775ql7ZF9zvcRxWmQKt9XnCbMkODiReGAKomiZIbTtpesZ8hVw3IZqPkKAykRX2BajZHbLgOc8V43dBS5WbQxtczFCUoQ_iCOh0gSp4GZdi72wbfSt-VBxAKR3NI9Ak9gsl93bsvASe0enc4zYR9Fo4lJwkooE7yPNGAqrZj6EjLbjDfi4ftC6FiJ30j1S752iixBz3jddzeWJPWEPiQM0c2khKe6iTrDV419pPJzY8O00BzqyiY7KjYqTS9Alr-hTh1h50Xi_qQqYfy7ATMNoUka1wgAeBUxOuVMYWdyJWtJ_9YDxrHi_5OpFnQMbSw7mFaHYXcM3Li6ZGu4MD4dthSKLT-zbz2ADC_rE1FhXIzieg4QPkT3jCtk0tCxCLYD1_pyKhd_HnS6JsykYD7jpPGExr8GLYg6Qx_fo0tUpcsobVxWK6soK-ia_7I_OPDfeYpAYun8UEsuv1MvawizShiQxt6v3Iiw5-ZwXcgLmQRNx22t6INb45edwWhXmGDZA_FuBukZHVl0Q6-D0vhAK-feYnSN8dUJZcGZYEoR9O5S0aOAHLh_T2VYTQkN9JHwQIXDaHlDMAZF2Y-mNXhpKzP3gGpVCl4duBLsAWdzfKeVWz5Hdn_DrpSRjJKxgn28gXn8yvA6xFCo8y2SzlVLYbZ0M8y4n9ptkt-5nYk_vShfrXdG7LIoinGDGR-RFCTOrNNoZvTXLdv3GUe3ysh5cpD5Coo6LfEo9ejvSXPwavIoyi5kPaxYz5DY4r_MeBTP59QNCF8Q-VqFX2TpdCPLP-24y4IXZT--sP0z0vVXhpqVhDpn6wMXpV5eqwPIkopHwpOLh9H3GIrdETkpbfYwkCBLrswDK7-E7-oAc20iK3Gikm7Wip3yX6dKwqEvMu9wv3FPtyaB3qit1ttZxLTNnbKYRvEk5GqpF1xQ

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

117 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 00:41:57	Name: sync Value: CgoIoQEQ2OiG25EyCgoI4gEQ2OiG25EyCgoI5gEQ2OiG25EyCgoIhwIQ2OiG25EyCgkIOhDY6IbbkTIKCQgbENjohtuRMgoKCIwCENjohtuRMgoKCKwCENjohtuRMgoKCK0CENjohtuRMgoJCF8Q2OiG25Ey
.yandex.ru/	1970-01-21 08:08:21	Name: i Value: kPERSBNkPPgjHcDIqAu7p0MOWpHYWsmn5YGQWeB9JWtxUOb1ZkIOISU7OG6STOyxyEZOPq9mZTUphXXZ4bAcdBuCmbM=
.yandex.ru/	1970-01-21 08:08:21	Name: yandexuid Value: 5436763111722741268
.yandex.ru/	1970-01-21 07:17:57	Name: yashr Value: 84913781722741268
.yandex.ru/	1970-01-21 07:17:57	Name: receive-cookie-deprecation Value: 1
vi2.svetzdravlja.org/	1970-01-20 22:42:26	Name: __oagr Value: true
.svetzdravlja.org/	1970-01-21 07:17:57	Name: _sharedID Value: 09a6ad9c-98e4-47d0-bafb-3b5211cd602f
.svetzdravlja.org/	1970-01-21 07:17:57	Name: _sharedID_cst Value: kSylLAssaw%3D%3D
.prebid.a-mo.net/	1970-01-21 07:17:57	Name: __amc Value: 1_1722741269_1722741269
.a-mo.net/	1970-01-21 07:17:57	Name: amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.a-mo.net/	1970-01-21 07:17:57	Name: pamuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.prebid.a-mo.net/	1970-01-21 07:17:57	Name: psd_amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.prebid.a-mo.net/	1970-01-21 07:17:57	Name: sd_amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.quantumdex.io/	1970-01-20 22:46:45	Name: uid Value: 71184cb1-8281-4926-8100-e7f792c12770
.svetzdravlja.org/	1970-01-21 07:17:57	Name: FCNEC Value: %5B%5B%22AKsRol9IKWwwIzlnZSesy5dAu6fJUD2nKXvMmlmV8MpESVQosHzbovVGvStEkNDP8YWgHOtq1QXQBScFbp6CtCFbB2Dwad4GmYCB9xkYWLtcXXaH2bZnnmLZElzr2wMcyTonJ5OAzG-kd6irMD_mh-8WklU-juh1_Q%3D%3D%22%5D%5D
.crwdcntrl.net/	1970-01-21 05:01:08	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:01:08	Name: _cc_id Value: d9ef995f6b31efd76659fdc3f7fff7a7
.svetzdravlja.org/	1970-01-21 07:17:57	Name: _ym_uid Value: 1722741270390664671
.svetzdravlja.org/	1970-01-21 07:17:57	Name: _ym_d Value: 1722741270
.svetzdravlja.org/	1970-01-20 22:32:21	Name: lotame_domain_check Value: svetzdravlja.org
.svetzdravlja.org/	1970-01-21 05:01:09	Name: _cc_id Value: d9ef995f6b31efd76659fdc3f7fff7a7
.svetzdravlja.org/	1970-01-20 22:33:47	Name: panoramaId_expiry Value: 1722827670400
.mc.yandex.com/	1970-01-20 22:32:21	Name: sync_cookie_csrf Value: 3084324622fake
.yandex.com/	1970-01-21 07:17:57	Name: yashr Value: 9994587281722741270
.svetzdravlja.org/	1970-01-20 22:33:33	Name: _ym_isad Value: 2
.svetzdravlja.org/	1970-01-21 07:53:57	Name: __gads Value: ID=8543be34221fb9f8:T=1722741270:RT=1722741270:S=ALNI_Mb9BHk6Ivzz-AFpYGh8rP5k_wzBKw
.svetzdravlja.org/	1970-01-21 07:53:57	Name: __gpi Value: UID=00000ec6b9a51b73:T=1722741270:RT=1722741270:S=ALNI_MbA2wm8LgjT50k7EY82LdfzSM05qw
.svetzdravlja.org/	1970-01-21 02:51:33	Name: __eoi Value: ID=4d6eeff9feff9cb3:T=1722741270:RT=1722741270:S=AA-AfjYeStzavf85QMRGKdSq7so8
.mc.yandex.ru/	1970-01-20 22:32:21	Name: sync_cookie_csrf Value: 1979296650fake
.yandex.com/	1970-01-21 07:17:57	Name: yandexuid Value: 5436763111722741268
.yandex.com/	1970-01-21 07:17:57	Name: yuidss Value: 5436763111722741268
.yandex.com/	1970-01-21 08:08:21	Name: i Value: kPERSBNkPPgjHcDIqAu7p0MOWpHYWsmn5YGQWeB9JWtxUOb1ZkIOISU7OG6STOyxyEZOPq9mZTUphXXZ4bAcdBuCmbM=
.yandex.com/	1970-01-21 08:08:21	Name: yp Value: 1722827670.yu.4758678541722741270
.mc.yandex.com/	1970-01-20 22:33:47	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 432514461722741270
.yandex.com/	1970-01-21 07:17:57	Name: ymex Value: 1725333270.oyu.4758678541722741270#1754277270.yrts.1722741270
.yandex.com/	1970-01-21 07:17:57	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 08:08:21	Name: bh Value: KgI/MGCX5Lu1Bg==
.adsrvr.org/	1970-01-21 07:17:57	Name: TDID Value: b876457c-f524-4291-a4d4-ca2e685b36fc
vi2.svetzdravlja.org/	1970-01-21 07:17:57	Name: unifiedid Value: %7B%22TDID%22%3A%22b876457c-f524-4291-a4d4-ca2e685b36fc%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-08-04T03%3A14%3A33%22%7D
vi2.svetzdravlja.org/	1970-01-21 07:17:57	Name: unifiedid_cst Value: kSylLAssaw%3D%3D
.smaato.net/	1970-01-20 23:02:35	Name: SCM Value: 751697ad3d
.smaato.net/	1970-01-20 23:02:35	Name: SCMp Value: 751697ad3d
.adnxs.com/	1970-01-21 08:08:21	Name: receive-cookie-deprecation Value: 1
.lijit.com/	1970-01-21 07:17:57	Name: ljt_reader Value: JGliALZHTqOU75U2R1SEDAJz
.disqus.com/	1970-01-21 07:17:57	Name: zeta-ssp-user-id Value: ua-98434ed6-56e6-373a-beae-425fb1e6c681
.3lift.com/	1970-01-21 00:41:57	Name: tluidp Value: 1868603351943365573226
.3lift.com/	1970-01-21 00:41:57	Name: tluid Value: 1868603351943365573226
.sharethrough.com/	1970-01-20 23:15:33	Name: stx_user_id Value: 2eb7aacd-9613-47d0-8770-34f5bd85c2e0
.yellowblue.io/	1970-01-20 23:15:33	Name: wrvUserID Value: WTdg3bQ-kp_s
.casalemedia.com/	1970-01-21 07:17:57	Name: CMID Value: Zq7yGdHM6boAAF-RAJA8-wAA
.casalemedia.com/	1970-01-21 00:41:57	Name: CMPS Value: 3614
.casalemedia.com/	1970-01-21 00:41:57	Name: CMPRO Value: 3614
.svetzdravlja.org/	1970-01-21 07:53:21	Name: cto_bundle Value: LepKN19WZGRrcVplMnBNYmJMdTUwM3hFb1F2eG9CQzhiSk5NOFlFdzV1ZmpqcWFra1JFSEdhTlFNWWpiWWVOaVRZOXpBYWpuSTVYWE5SNXQ5V04lMkZuUGRYY1A4bzVGcTZidXRRdktXWkJYNEROZjE4NExtU0F3SzFRajVYRHdrVk5aQWps
.svetzdravlja.org/	1970-01-21 07:53:21	Name: cto_bidid Value: 2MdogF9YeG5EViUyRkVMZHk4a2dTdTElMkJZZEoxeUlSMTAxZXRvMSUyQmRscTBoaXRwdksxdUVEenRYcXA2dEhZWkUyU1FYeGVMNkxFZDNYV3FIN0N0MEYwMUY5Y3NQZyUzRCUzRA
.contextweb.com/	1970-01-21 07:10:45	Name: V Value: 2ISB02Eh20tw
.contextweb.com/	1970-01-21 07:10:45	Name: VP Value: part_2ISB02Eh20tw
.contextweb.com/	1970-01-21 07:17:57	Name: pb_rtb_ev Value: 3-1sva\|8i8.0.1
.contextweb.com/	1970-01-21 07:17:57	Name: pb_rtb_ev_part Value: 3-1sva\|8i8.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 38051c383af55746
.go.sonobi.com/	1970-01-21 07:17:57	Name: __uis Value: c6120ebe-1fae-4859-869d-d10d0391c3d2
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85127\|Zq7yH
.yahoo.com/	1970-01-21 07:18:18	Name: A3 Value: d=AQABBBnyrmYCEJMFpiHzCnElSF2_GmB7VikFEgEBAQFDsGa4ZgAAAAAA_eMAAA&S=AQAAAs-CYPysJS89bvSA3aoY_DY
.bing.com/	1970-01-21 07:53:57	Name: MUID Value: 2C0BA477FC0567B61965B0A6FD7766DA
.c.bing.com/	1970-01-20 22:42:26	Name: MR Value: 0
sync.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id Value: s%3A0-4f93fe8f-0f27-528d-6504-3a8cbfdff35b.Z9GEt75eSJrBNKcnjbeElbNuACAytCUwubioe%2B6Kp0A
.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id Value: s%3A0-4f93fe8f-0f27-528d-6504-3a8cbfdff35b.Z9GEt75eSJrBNKcnjbeElbNuACAytCUwubioe%2B6Kp0A
sync.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id-v2 Value: s%3AT5P-jw8nUo1lBDqMv9_zWwW16oQ.8c4axZk%2B%2Fgo7qxMj2jkIZrOTbpSIKbWhG2SVSMXoxSs
.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id-v2 Value: s%3AT5P-jw8nUo1lBDqMv9_zWwW16oQ.8c4axZk%2B%2Fgo7qxMj2jkIZrOTbpSIKbWhG2SVSMXoxSs
sync.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EGcYBCCZ5Lu1BjABOgTwU00QQgSS_5eF.ECV6WM2sgOaOB8q%2BNbHTu28YMrlipkDjR7kHEzI4HwA
.srv.stackadapt.com/	1970-01-21 07:17:57	Name: sa-user-id-v3 Value: s%3AAQAKILSiotaG3ZUsNbieaTSkS6VQ7x-Z9q5FOkocBcJ1Y3L1EGcYBCCZ5Lu1BjABOgTwU00QQgSS_5eF.ECV6WM2sgOaOB8q%2BNbHTu28YMrlipkDjR7kHEzI4HwA
.bidswitch.net/	1970-01-21 07:17:57	Name: tuuid Value: b53e3bcb-3b88-4f96-a281-e525121d9eed
.bidswitch.net/	1970-01-21 07:17:57	Name: c Value: 1722741273
.bidswitch.net/	1970-01-21 07:17:57	Name: tuuid_lu Value: 1722741273
.33across.com/	1970-01-21 07:17:57	Name: 33x_ps Value: u%3D212748471124730%3As1%3D1722741273777%3Ats%3D1722741273777
.doubleclick.net/	1970-01-21 08:08:21	Name: IDE Value: AHWqTUn_NTPsiZPrqPc1buICmFiV11THNWl791hjaCT6FPXKGWdvv1Bssm7-3usgKOk
.adkernel.com/	1969-12-31 23:59:59	Name: DSP2F_76 Value: 739470
.linkedin.com/	1970-01-21 00:41:57	Name: li_sugr Value: 9fee9bad-6d06-4f53-ae03-abe1d8a5cd5e
.linkedin.com/	1970-01-21 07:17:57	Name: bcookie Value: "v=2&82df7ed2-12e8-44b0-83b1-3500729dbeb4"
.linkedin.com/	1970-01-20 22:33:47	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3303:u=1:x=1:i=1722741273:t=1722827673:v=2:sig=AQGvpH5Ftpdut_bhDlxaBWsW7EgB0BnW"
.adkernel.com/	1969-12-31 23:59:59	Name: SSPZ Value: 184388
.adkernel.com/	1970-01-20 23:15:33	Name: ADKUID Value: A6584025902211128138
.yieldmo.com/	1970-01-21 07:17:57	Name: yieldmo_id Value: Vmc7sqqna7qX8itw0ERu%7C1722729600000%7C0
.a-mx.com/	1970-01-21 07:17:57	Name: amdt_t Value: p::1722741273898
.a-mx.com/	1970-01-21 07:17:57	Name: amdt_t Value: p::1722741273898
.a-mx.com/	1970-01-21 07:17:57	Name: amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.a-mx.com/	1970-01-21 07:17:57	Name: amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.media.net/	1970-01-21 07:17:57	Name: visitor-id Value: 3657428730813285000V10
.media.net/	1970-01-21 07:17:57	Name: data-ris Value: {{APID}}~~25
.pubmatic.com/	1970-01-20 22:33:47	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-21 00:41:57	Name: DPSync3 Value: 1723939200%3A201_263%7C1723334400%3A252_265
.rtb.mx/	1970-01-21 07:17:57	Name: amdt_t Value: p::1722741274001
.rtb.mx/	1970-01-21 07:17:57	Name: amdt_t Value: p::1722741274001
.rtb.mx/	1970-01-21 07:17:57	Name: amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.rtb.mx/	1970-01-21 07:17:57	Name: amuid2 Value: f7e12eb5-3dfd-440f-8be6-08704e1ae7eb
.csync.loopme.me/	1970-01-21 00:44:50	Name: viewer_token Value: f9194a22-5772-4683-8977-61b8f7b03dff
.omnitagjs.com/	1970-01-20 23:15:33	Name: ayl_visitor Value: 5a6d85f5e40dd57f2e374b245f27cfba
.adsrvr.org/	1970-01-21 07:17:57	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCKae_omzj5o9EAUSFwoIcHVibWF0aWMSCwjy18eMs4-aPRAFGAEgASgCMgsIhM7KucmPmj0QBTgBWghwdWJtYXRpY2AC
.pubmatic.com/	1970-01-21 00:41:57	Name: SyncRTB3 Value: 1723939200%3A220
.pubmatic.com/	1970-01-21 07:17:57	Name: KADUSERCOOKIE Value: 6BE73184-D948-4087-831A-7D378650DC25
.turn.com/	1970-01-21 02:51:33	Name: uid Value: 2361727774690646611
.simpli.fi/	1970-01-21 07:19:23	Name: suid Value: 4FDBFC9B78FF4F1AB5562CB861945E24
.analytics.yahoo.com/	1970-01-21 07:17:57	Name: IDSYNC Value: 18z8~2jxf
.amazon-adsystem.com/	1970-01-21 04:17:57	Name: ad-id Value: A9PjZcgiYkv2qxwKnEb_dh0
.amazon-adsystem.com/	1970-01-21 08:08:21	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 23:15:33	Name: KRTBCOOKIE_22 Value: 14911-2361727774690646611&KRTB&23150-2361727774690646611&KRTB&23527-2361727774690646611
.pubmatic.com/	1970-01-21 00:41:57	Name: KRTBCOOKIE_377 Value: 6810-b876457c-f524-4291-a4d4-ca2e685b36fc&KRTB&22918-b876457c-f524-4291-a4d4-ca2e685b36fc&KRTB&22926-b876457c-f524-4291-a4d4-ca2e685b36fc&KRTB&23031-b876457c-f524-4291-a4d4-ca2e685b36fc
.pubmatic.com/	1970-01-21 00:41:57	Name: KRTBCOOKIE_80 Value: 22987-CAESEJiq8Ydjsg3k1vq0c24PB9Y&KRTB&23025-CAESEJiq8Ydjsg3k1vq0c24PB9Y&KRTB&23386-CAESEJiq8Ydjsg3k1vq0c24PB9Y
.pubmatic.com/	1970-01-20 23:15:33	Name: KRTBCOOKIE_148 Value: 19421-uid:4FDBFC9B78FF4F1AB5562CB861945E24&KRTB&23486-uid:4FDBFC9B78FF4F1AB5562CB861945E24&KRTB&23489-uid:4FDBFC9B78FF4F1AB5562CB861945E24&KRTB&23539-uid:4FDBFC9B78FF4F1AB5562CB861945E24
.pubmatic.com/	1970-01-20 23:15:33	Name: PugT Value: 1722741273
.pubmatic.com/	1970-01-20 23:15:33	Name: SPugT Value: 1722741272
.rubiconproject.com/	1970-01-21 07:17:57	Name: audit_p Value: 1\|XrFguosR6M4IJKDq64cx5MaGOjcV4xvBNxMYzdoWdVpGXlzst0zOc6qAYuIuMjwAPlKbb3Lw3GSWvb2LdLTR6cfb44cvqHi7
.rubiconproject.com/	1970-01-21 07:17:57	Name: khaos Value: LZEZOAPS-W-8PS0
.rubiconproject.com/	1970-01-21 07:17:57	Name: khaos_p Value: LZEZOAPS-W-8PS0
.rubiconproject.com/	1970-01-21 07:17:57	Name: audit Value: 1\|XrFguosR6M4IJKDq64cx5MaGOjcV4xvBNxMYzdoWdVpGXlzst0zOc6qAYuIuMjwAPlKbb3Lw3GSWvb2LdLTR6cfb44cvqHi7
.pubmatic.com/	1970-01-20 22:33:47	Name: pi Value: 160295:3
.pubmatic.com/	1970-01-21 00:41:57	Name: chkChromeAb67Sec Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.svetzdravlja.org
bcp.crwdcntrl.net
cadmus.script.ac
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.optad360.net
cdn.prod.uidapi.com
cdn.zx-adnet.com
cmp.optad360.io
f3c390c5334aa4c9516ae8f755bde62b.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
get.optad360.io
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mug.criteo.com
oa.openxcdn.net
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
svetzdravlja.org
sync.a-mo.net
sync.quantumdex.io
tags.crwdcntrl.net
tpc.googlesyndication.com
useast.quantumdex.io
vi.svetzdravlja.org
vi1.svetzdravlja.org
vi2.svetzdravlja.org
www.bigmp3db.com
www.google.com
yandex.ru
yastatic.net
pagead2.googlesyndication.com
svetzdravlja.org
www.bigmp3db.com
100.24.111.98
108.138.128.46
125.253.89.176
147.28.129.140
15.197.193.217
151.101.1.195
162.19.138.120
185.184.8.90
212.77.99.29
2600:9000:2009:3800:6:b871:4f00:93a1
2600:9000:24f0:f200:f:a31d:75c0:93a1
2600:9000:250b:fe00:11:a4de:2580:93a1
2600:9000:2511:7a00:a:e047:754:6941
2606:4700:10::ac43:266a
2606:4700:10::ac43:2ac9
2606:4700:20::681a:9a9
2606:4700:3032::ac43:9930
2606:4700::6812:1691
2607:f8b0:4004:c1d::64
2607:f8b0:400d:c04::9b
2607:f8b0:400d:c0b::9d
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c1d::67
2607:f8b0:400d:c1d::84
2620:100:a00b::12
2620:100:a00b::4
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
2a04:4e42::485
34.102.146.192
34.96.70.87
74.119.117.17
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
08e197932645fe0c9537946d06fd4e9c09b88440a2b8211e646e1253d356b8bc
09be8ac772a1d04c2a83dae0e370e0a2537312ebe895643d0bbc7bac23ca7292
0c5127802c22453a294aa96710135b20f9b8e2a0eab6ba1baf2cc733804fa6ee
0d7daafea91b489748249b1e545f46e4295f9ceb01183c1c40eeae0048425c86
0e382c0c5e84e43c13f1d7d8b731184fba050db1145208e9f061b8a8d737338f
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1764e898369c24be8d7d1cbcb82079c27f3898fbc1883f388a5c1008dd30c9e8
1ee638688e5719cd80dfa94c6860c98dd765a8d435ece4d7c26931fe07af6418
2470ae8b108eb33b27393643dd99c21a695e8f60ea4918fbdb88fc4652701350
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2978b8f673a170443e5459259a5b1f1d79275849cb8cbc73b16faec666fe51c5
2ab6a80f08f72f0a47856fdbfe7e52033241a90ca535d580fb0804f699cbab79
2efebb03875dc4bd0e3d3685b726cce52c7b3721e03b61db15cf586a1f379d79
3049c898d62c4630d3114c56488e9286a069ff580c7ac8ce85fad5bf312f8426
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3600fd7b6232190c7449938836c4ace1f8221a9f61c25f348b90f811a5c5660a
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3d436d8f048cb56304cce449b255d935121e60e4e0cfa0fac211b256ecef5245
3d55476038dfe34a53d1e5be0d78fa70b2dde6720d622be9ff8b9c9008b0de52
3f0afcb31f1cdd116a67ce09330292c8a282c107b712ff91d8743074a0ef12f8
4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c
4575a7c6808149fd31a9ce1713fb636b1005af7d52d7ab7e570b6166b20ed500
45ff80f391287f67ec258130a70558da6de6e80d3cacd9eaea331f9546fc2260
48a8d37a2a480859746972713d4af29b9340e697f9903b35665088f186b546a1
4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649
510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5650e583c20170db94114fbd4dc93a8fa0e5468097cde473829a10b8a56ceac2
5792e440168ba67335797d740a78bbbeb4be18fc36b622526e5a33ded406178b
5b140f3cb30e8010beb35e16a36fd68c7bae80aadedd58325620d97eccfb3b23
5f7f88b21398b529c128679569bdbc34f46f55a244ab545d3e9f155b3b195ab7
612b2f37cd260cc286f109fed7a48e61d145a494834e3a34216006cea4e84794
61517efd19dad73a9201ec48a47096882f768882c425637b3e73b1b4c9b27a6a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6841c621f319b62acf9d5760906c469c8772fd608366483274a633ae33bc64bd
68dbc402b8d95b31ec11900b3b5aee781e46330beeec75070f60a40c03b402d9
6a21acfd6c341098d704d6fd9377222c57033523cc7c4ea1c4443c6dc69dd9e2
6ae6c209c4f6fdb59ca5c15ca7c8abebfcd020989554dfdee95fc995ef175c62
6b08d117ecfd2a0331c1ece0455cf16d2d713ccff3f8f0252b88a10937e94f80
6e09edc3dd35222fae5503bdb406f90c10eb20ee81da283135a3a2484c1aa8d9
7025cecb41913f88ba75bff87fae88028e1ee78cf4a375091c217f3e3950ea8d
8b179e7220eb7bce4ddae6838bf948fdbe2aa2773a9d1a193bc5fb999da974e0
8ce4049393341d506c0c7451f86f877745941aa57a1b72762973dc774ad84339
8ed978e2e8b8e8f943714ac6ac0bd84fc548541ae09cb266c4d1209f1e5df9bc
a974a873c3f8f3dc58f49db63225e333d67f4513912d7a99a3309782c6790dbe
aa16b486a4ae572277b7125537e3447abe8ad09b5e183a581e9abab8c3fd0303
afc85be3ba448be36ed4c068c0d36cbaa185ba99099ced504b9292ade40106fc
b0c2f8e08244f1e7d91ac74f8b74600e5252f6f29a5e90e370baf6e2ffcf39ed
b5da3c5820be563ca66f1b1c1ebc9ba5f089c15c6f0b0dfdfec7ee01f139fbeb
bb68a2f4769c3b5b9db89c4ff476c71a3167df78dbc0dfbe9c65d850e799b5d6
c2addd267aaa8138ebfd55a43f9a7e93a074130f169f9fe8d90fc1b031fcc868
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c542664cecfff7bb78c7d27f65b9ac5e1bc6ee8c0074dbedb7fd51e7aaa831b0
c76ce2589da2ab1fc9f65a0bcb7a2e781dc0fd66c9a5d6027512a6a8a66e83c1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d3887e502f06eaf523d059c14c600d10c555a8f0f8df4cfd5eae07ff03c03c12
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb7b2505881bd95b346946898bac6e7d6a2de49f187a14b7be4dead0ff24cd0
efb80b767a206fe96307befdcac72ad68a959c729a3b2d820dde1d9fbfcab81b
f6f3fd311ceddefdf87d9985faab220c23765e740d431f6e3331bb7a8e05186a
f74455c7053aa2145e2bddbb746c7f7fdb45b4648c08c13d999f017ae938a1e4
f87a7f176f339c8129e8d7c500db05cc54da32f93beca1a48589ff4dc13dd9ad
ff3d12cdeac1ff842d262788e151b8327f108b15f0d261ca0d388d24d9a8a785

vi2.svetzdravlja.org Open in urlscan Pro 2606:4700:3032::ac43:9930 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

93 %HTTPS

64 %IPv6

25 Domains

40 Subdomains

34 IPs

4 Countries

1813 kBTransfer

4716 kBSize

117 Cookies

99 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vi2.svetzdravlja.org Open in urlscan Pro
2606:4700:3032::ac43:9930 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

93 %
HTTPS

64 %
IPv6

25
Domains

40
Subdomains

34
IPs

4
Countries

1813 kB
Transfer

4716 kB
Size

117
Cookies

90 HTTP transactions
1 data transactions