megaznaika.com.ua Open in urlscan Pro
185.13.5.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://megaznaika.com.ua/
Effective URL:
https://megaznaika.com.ua/
Submission: On July 04 via api (July 4th 2022, 6:39:58 am UTC) from GB — Scanned from GB

Summary HTTP 127 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 18 domains to perform 127 HTTP transactions. The main IP is 185.13.5.57, located in Ukraine and belongs to FREEHOST, UA. The main domain is megaznaika.com.ua.
TLS certificate: Issued by R3 on April 29th 2022. Valid for: 3 months.

This is the only time megaznaika.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	185.13.5.57 185.13.5.57	42331 (FREEHOST) (FREEHOST)
19	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
4 4	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.199.73.68 52.199.73.68	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401f:4::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:4f::8	15169 (GOOGLE) (GOOGLE)
127	24

12 185.13.5.57 (Ukraine) 1 redirects

ASN42331 (FREEHOST, UA)
PTR: s57.freehost.com.ua

megaznaika.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:812::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.191 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.199.73.68 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-73-68.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401f:4::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-aigzrn7z.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:4f::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigl6nek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	657 KB
30	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 436 bid.g.doubleclick.net — Cisco Umbrella Rank: 465 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	405 KB
12	megaznaika.com.ua 1 redirects megaznaika.com.ua	174 KB
10	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	52 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 imasdk.googleapis.com — Cisco Umbrella Rank: 425	254 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 883 r2---sn-aigzrn7z.c.2mdn.net — Cisco Umbrella Rank: 560377 r3---sn-aigl6nek.c.2mdn.net — Cisco Umbrella Rank: 280825	2 MB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	4 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1872	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	127 KB
2	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3185	87 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	920 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 629	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1589	486 B
2	google.ae adservice.google.ae — Cisco Umbrella Rank: 119687	914 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1107	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	702 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
127	18

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	megaznaika.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net megaznaika.com.ua
12	megaznaika.com.ua	1 redirects megaznaika.com.ua
8	cm.g.doubleclick.net	megaznaika.com.ua googleads.g.doubleclick.net
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	ssum-sec.casalemedia.com	4 redirects
4	e.dlx.addthis.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	static.doubleclick.net	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r3---sn-aigl6nek.c.2mdn.net
2	r2---sn-aigzrn7z.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	cc.adingo.jp	googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ae	pagead2.googlesyndication.com
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
127	28

This site contains links to these domains. Also see Links.

Domain
www.megaznaika.com.ua
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
megaznaika.com.ua R3	`2022-04-29` - `2022-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.ae GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-06-21` - `2022-08-30`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://megaznaika.com.ua/
Frame ID: 2F3908191D10495C8184371765ED925C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: F6A66BAA669454F6F5E47FBE3FF55444
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&adk=1812271804&adf=3025194257&lmt=1656916792&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fmegaznaika.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792658&bpp=2&bdt=267&idt=246&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6084868307703&frm=20&pv=2&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259
Frame ID: 755E158D877E2614628B9502E06968C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&slotname=4266011121&adk=3554244520&adf=1373320325&pi=t.ma~as.4266011121&w=352&fwrn=4&fwrnh=100&lmt=1656916792&rafmt=1&psa=0&format=352x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792660&bpp=1&bdt=270&idt=263&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=2374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=DGlep7bNhr&p=https%3A//megaznaika.com.ua&dtd=270
Frame ID: E40B133E633A68EAD35A0D05E34702CC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
Frame ID: 529ACB4177D5204D2891859CFAC78584
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
Frame ID: 9B12AE9DF0EB7CBB5889069376ED5E8E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2674E450252423CF6650418583F7CAB2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2E361F8D38C966BB61515B4C11332EB9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E62704C61624CA405A25744042E0618
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DACAF33C933E0B3BD5EC2F65688BA381
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js
Frame ID: F4F92DE451D413CD53890193DC4FD170
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 25401B293E978AF06E48B1A0A9C2D72A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: C850B2FFE2BCB2ADCCF2B8DEAA9B9C33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 068BFA67824C56E086994F1EA977F008
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js
Frame ID: 58EB358E18C077E09FCFEF7C1075009D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DFEC19A479327616A4B56FAB8A274CE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D9DC3433B74EC3C7C12245A0BC193D14
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 63CC36929528E7B631A2BBA0ACB87C8F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1CD033BE7F3FC055BE2BC0CDCB71F011
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73D45801D89F10EF3F45384BF8675225
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D32F59CD14576FC679902FAED9C67EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

МегаЗнайка - кращий сайт для допитливих дітей - МегаЗнайка

Page URL History Show full URLs

http://megaznaika.com.ua/ HTTP 301
https://megaznaika.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

127
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

24
IPs

8
Countries

3310 kB
Transfer

5626 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.megaznaika.com.ua/napyshit-nam-vidhuky-komentari-propozytsiji-staty-avtorom/
Title: відгуки, коментарі, пропозиції, як стати автором

Search URL Search Domain Scan URL

URL: https://www.facebook.com/megaznaika/
Title: МегаЗнайка на Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0
Title: МегаЗнайка на YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://megaznaika.com.ua/ HTTP 301
https://megaznaika.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 92

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6jVYoTTov_TDNt1TzbcZ0EpHBTPwi9ap9g&google_gid=CAESECsTgsrTSs6TbdYjj4oFbyg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6jVYoTTov_TDNt1TzbcZ0EpHBTPwi9ap9g&google_gid=CAESECsTgsrTSs6TbdYjj4oFbyg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAzNzQ2Mzg5MzExNQ%3D%3D&google_push=ARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6jVYoTTov_TDNt1TzbcZ0EpHBTPwi9ap9g

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEYbbucFwLsvJkkvuwsN0nM&google_cver=1&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48z3Cfp0XTpVoeJoXiZLM3N1cY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFQtMjUtSzNEWQ==&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48z3Cfp0XTpVoeJoXiZLM3N1cY

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_cver=1&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJJxtDxcAwtN3ffx4Vdwkt6R3_g9J1t0jeLZkgfls0Gu-FSoBICpSOn4XiPa99MXBjA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJJxtDxcAwtN3ffx4Vdwkt6R3_g9J1t0jeLZkgfls0Gu-FSoBICpSOn4XiPa99MXBjA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJJxtDxcAwtN3ffx4Vdwkt6R3_g9J1t0jeLZkgfls0Gu-FSoBICpSOn4XiPa99MXBjA

Request Chain 99

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoEsmN40vhJsYYku-m8OFHCOu1f7UVu0&google_gid=CAESECsTgsrTSs6TbdYjj4oFbyg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoEsmN40vhJsYYku-m8OFHCOu1f7UVu0&google_gid=CAESECsTgsrTSs6TbdYjj4oFbyg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAxODQxMDU2MjkwOA%3D%3D&google_push=ARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoEsmN40vhJsYYku-m8OFHCOu1f7UVu0

Request Chain 102

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEYbbucFwLsvJkkvuwsN0nM&google_cver=1&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9GXpzbUOj5-CuuA-HHJ49ysGDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFctMVgtNUFaTA==&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9GXpzbUOj5-CuuA-HHJ49ysGDA

Request Chain 103

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_cver=1&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKxBgHVMUK6NJRX_aFZdO9R948v5uYc3AXi181MM2iGmuCd_h1MhZjSrufwdkPTjQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKxBgHVMUK6NJRX_aFZdO9R948v5uYc3AXi181MM2iGmuCd_h1MhZjSrufwdkPTjQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKxBgHVMUK6NJRX_aFZdO9R948v5uYc3AXi181MM2iGmuCd_h1MhZjSrufwdkPTjQ

Request Chain 108

https://gcdn.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8283F1766D24806A3DD0EB3827B0F1275D1CFC0D.6D9F94DE3FA94E4697B5355FC614A506A8709BC3/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06584164143F18932F995794EE1538AE3EA11CF6.49CF82F525741FCE408E2F164504FB29B0E5DEED/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1656915709/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 110

https://gcdn.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/71A22DA15EB9E68DE0BA74D36C05B3BC68BEBF68.BB0915088BB9954C108DD2AEFE42FBE02646DB48/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0552A6108327F0D655F6FE435B9DF17B86FE9065.2AD33F5D0DF68B27C0ECFD775D1D675D8BD6EE73/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigl6nek/ms/onc/mt/1656915983/mv/u/mvi/3/pl/48/file/file.mp4

127 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
megaznaika.com.ua/
Redirect Chain

http://megaznaika.com.ua/
https://megaznaika.com.ua/

116 KB
27 KB

3095ms
2962ms

Document
text/html

185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx / PHP/7.3.17
Resource Hash: 0f286a6fd0f943a2fb6b677f6cb943f5b7252ddb7866f60fe619a46cf2d2eef5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:52 GMT
link: <https://megaznaika.com.ua/wp-json/>; rel="https://api.w.org/", <https://megaznaika.com.ua/wp-json/wp/v2/pages/4372>; rel="alternate"; type="application/json", <https://megaznaika.com.ua/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.3.17

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 04 Jul 2022 06:39:49 GMT
Location: https://megaznaika.com.ua/
Server: nginx

GET
H2 200 main.min.css
megaznaika.com.ua/wp-content/themes/astra/assets/css/minified/ 39 KB
10 KB 67ms
67ms Stylesheet
text/css 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 2661bf7b0200e2fb896e87f63eb9b3ad0deb75e9e6b41d6daee5f05c1288a427

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 14:33:58 GMT
server: nginx
etag: W/"62b479d6-9c5f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 style.min.css
megaznaika.com.ua/wp-includes/css/dist/block-library/ 87 KB
15 KB 68ms
68ms Stylesheet
text/css 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:13 GMT
server: nginx
etag: W/"628df239-15b26"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 157ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c6fe39debcab225aa3ccd70f943708784e9f4f126cacc48e356d6dbdb47e659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56594
x-xss-protection: 0
server: cafe
etag: 1381287957879400144
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 06:39:52 GMT

GET
H2 200 cropped-megaznaika-logo.jpeg
megaznaika.com.ua/wp-content/uploads/2021/09/ 17 KB
17 KB 102ms
101ms Image
image/jpeg 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2021/09/cropped-megaznaika-logo.jpeg
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d263ac528b26dea0fea4a42f9143a6383b1ce2823b4d9ec26126aabfde9cd714

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
last-modified: Fri, 08 Apr 2022 09:36:33 GMT
server: nginx
etag: "62500221-4206"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16902
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 Meha-Znayka.jpg
megaznaika.com.ua/wp-content/uploads/2021/09/ 49 KB
50 KB 103ms
102ms Image
image/jpeg 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2021/09/Meha-Znayka.jpg
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: fff2ee7912e1e6c4287d1edeb49f9347a93d1893e708fc2df47915e29c4035e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
last-modified: Wed, 01 Dec 2021 21:28:57 GMT
server: nginx
etag: "61a7e919-c5d8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 50648
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 frontend.min.js Show response
megaznaika.com.ua/wp-content/themes/astra/assets/js/minified/ 16 KB
5 KB 68ms
66ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 07b22178596c5c5ac3c9d568c7c86ab07960f1fb5ac0be88761eb3802df8905b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 14:33:58 GMT
server: nginx
etag: W/"62b479d6-415c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 view.min.js Show response
megaznaika.com.ua/wp-includes/blocks/navigation/ 8 KB
3 KB 101ms
99ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/blocks/navigation/view.min.js?ver=009e29110e016c14bac4ba0ecc809fcd
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:13 GMT
server: nginx
etag: W/"628df239-208e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 wp-emoji-release.min.js Show response
megaznaika.com.ua/wp-includes/js/ 18 KB
6 KB 132ms
131ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:13 GMT
server: nginx
etag: W/"628df239-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 knopka7.3-150x150.jpg
megaznaika.com.ua/wp-content/uploads/2015/03/ 10 KB
10 KB 105ms
104ms Image
image/jpeg 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2015/03/knopka7.3-150x150.jpg
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d1b6261cd9258c5a946ea5d8ba24dd48441bcacf06cc0c35654300ae5b5a43ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
last-modified: Wed, 01 Dec 2021 21:26:45 GMT
server: nginx
etag: "61a7e895-28e3"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10467
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 knopka9.3-150x150.jpg
megaznaika.com.ua/wp-content/uploads/2015/03/ 8 KB
8 KB 106ms
105ms Image
image/jpeg 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2015/03/knopka9.3-150x150.jpg
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: a35ffea85a4dcce6df2f1a9228714bfe9697bb952a0a37e1de6a6564e830c36e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
last-modified: Wed, 01 Dec 2021 21:26:45 GMT
server: nginx
etag: "61a7e895-1f94"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8084
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H2 200 letter-e1518349855751.png
megaznaika.com.ua/wp-content/uploads/2015/03/ 23 KB
23 KB 106ms
106ms Image
image/png 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2015/03/letter-e1518349855751.png
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: eaff7467e230f655c14f614297e945bea946fb6b45ca61b87748a37e27bf1193

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
last-modified: Wed, 01 Dec 2021 21:27:51 GMT
server: nginx
etag: "61a7e8d7-5bd2"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23506
expires: Wed, 03 Aug 2022 06:39:52 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/ 340 KB
120 KB 149ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d85c7fbcb1fa28636f23fd84199ea1e72ccee1f454743cd14454da24a1e260f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122454
x-xss-protection: 0
server: cafe
etag: 17634392427263407839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 06:39:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame F6A6 10 KB
5 KB 124ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 16:02:30 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 16:02:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
702 B 146ms
47ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=megaznaika.com.ua&callback=_gfp_s_&client=ca-pub-8900067022887938&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

ea0e95d72bac3aa61e73bb12def05b04259bacbb34f2a38b59f18db6b9b75388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
792 B 153ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 148ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 755E 297 KB
66 KB 514ms
435ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&adk=1812271804&adf=3025194257&lmt=1656916792&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fmegaznaika.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792658&bpp=2&bdt=267&idt=246&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6084868307703&frm=20&pv=2&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eaff01fe5dbaeb65b6e754073f041cbd3f65186517a7aed1846ca92811bbd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67293
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 06:39:53 GMT
expires: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E40B 97 KB
31 KB 481ms
414ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&slotname=4266011121&adk=3554244520&adf=1373320325&pi=t.ma~as.4266011121&w=352&fwrn=4&fwrnh=100&lmt=1656916792&rafmt=1&psa=0&format=352x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792660&bpp=1&bdt=270&idt=263&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=2374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=DGlep7bNhr&p=https%3A//megaznaika.com.ua&dtd=270

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c923c2d4e425a32a800559d587a7c5b161404fd1617f1a86dee85c6add0579bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31704
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 06:39:53 GMT
expires: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11302234302361770853
tpc.googlesyndication.com/simgad/ Frame E40B 105 KB
106 KB 204ms
97ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11302234302361770853

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&slotname=4266011121&adk=3554244520&adf=1373320325&pi=t.ma~as.4266011121&w=352&fwrn=4&fwrnh=100&lmt=1656916792&rafmt=1&psa=0&format=352x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792660&bpp=1&bdt=270&idt=263&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=2374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=DGlep7bNhr&p=https%3A//megaznaika.com.ua&dtd=270

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbf67eb8656be94a16ae125b272c5a68e4d41ae3a27045435bb5fde90ce4dd31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107971
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 10:22:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 06:39:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame E40B 21 KB
9 KB 145ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 717
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:27:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E40B 3 KB
1 KB 153ms
51ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:16:58 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame E40B 67 B
197 B 154ms
52ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 42005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Mon, 04 Jul 2022 18:59:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E40B 138 KB
43 KB 154ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E40B 17 KB
7 KB 147ms
45ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:33:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E40B 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrnnlOYvCYvDxApqG6gScloCQC8vairxp-N-vi7kQh6ibzIgKEAEg6drNImCRBqAB9Z-W7QLIAQOpAk2WDSFbfrE-qAMByAPJBKoE5gFP0Lfa7O5CsnzscZ6_Kojx0S4QpEMqBgFOkOmL0Znb0P1dVduOQBZZ9en6OGWFSXED6Wc-JH6NdIXz7aD9MSgV100me1T_bpd1uorzeltmUYFbwmhMOJ460Xn7NvvVIFZNG5pgSEDtxaYUtWqQOvK484XRS-2hq1UfbdOSDbTEGL1nul4HN3hc5rBczy5y7Oqby63o2urYsHk3IdlOGhqB36xEgiLWSxEpQRw1nZ1FbdLbxz61uAOvMGWkE4ltIFCtgbi9E8vrRK48r1H3TSAxFuK0Y4iI0cJ8vRpbrUWlJIWd8SFgK8AE1dCt9P8DkgUECAQYAZIFBAgFGASgBgOAB_Pf6ZIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi9AD0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTg5MDAwNjcwMjI4ODc5MzgYAA&sigh=g9mGfjSyCLg&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&slotname=4266011121&adk=3554244520&adf=1373320325&pi=t.ma~as.4266011121&w=352&fwrn=4&fwrnh=100&lmt=1656916792&rafmt=1&psa=0&format=352x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792660&bpp=1&bdt=270&idt=263&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=2374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=DGlep7bNhr&p=https%3A//megaznaika.com.ua&dtd=270
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E40B 31 KB
13 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 09:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 09:36:39 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/ 149 KB
53 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/reactive_library_fy2021.js?bust=31068308

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

754d094dd65f0cdd09b01419446aa3b3542a63b1a598b81d26d0b2de51c7f20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54077
x-xss-protection: 0
server: cafe
etag: 3406227193708419686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H3 200 integrator.js Show response
adservice.google.ae/adsid/ 107 B
122 B 126ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ae/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 529A 76 KB
25 KB 454ms
452ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e751ff6d4a77450e63be195ef880e63b68eafaa1369b1d725ba692179f578a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 25487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B12 76 KB
25 KB 470ms
469ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7902144c6e1f4fc9bbbe18420a276042825b991e49f7ece7cc47ec28966d9d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 25609
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 2674 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 48291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/ Frame 2E36 10 KB
4 KB 38ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 48291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 17:15:02 GMT
etag: 10429905676100781186
expires: Sun, 17 Jul 2022 17:15:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E62 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&slotname=4266011121&adk=3554244520&adf=1373320325&pi=t.ma~as.4266011121&w=352&fwrn=4&fwrnh=100&lmt=1656916792&rafmt=1&psa=0&format=352x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916792660&bpp=1&bdt=270&idt=263&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1073&ady=2374&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=DGlep7bNhr&p=https%3A//megaznaika.com.ua&dtd=270
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 05:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2674 4 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 06:22:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 06:39:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2674 205 B
743 B 129ms
39ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 22:09:31 GMT
x-content-type-options: nosniff
age: 30622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 03 Jul 2023 22:09:31 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2674 604 B
695 B 130ms
40ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 00:59:16 GMT
x-content-type-options: nosniff
age: 20437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Jul 2023 00:59:16 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame 2674 19 KB
8 KB 128ms
46ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:13:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2E36 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3IrkOYvCYq-RAsvl-gbQ7rKIBd2b9vVqzfKBuoAQwbTvxLQJEAEg6drNImCRBqAB4pyj5QLIAQOoAwHIA8kEqgTUAU_Qinwf8slFHd29DI_-uyG7wjNBK_Pp1kj1EjlkBeI7i6KMbB8g5FwhUBfdnE6WnbR4YpionUfOyq3e952iW3ecP94-QlTZuuKX-Mz1iLGKtJ8x6lwuYBDydJnqRsq58LHYp33xBiTehjt4Gx8nrOrkzoGgNAVZMNr-yfM76m37HLTNs43q5pr1j18Ymxch1GQoLkdRRG4Gjj-7lC3rCsAmfYOgPd6ZxIgtu-atDJuuIhALDUqW6uCm8BlrESGP1gZ_yV-8muqXbk5WNSGr5C0w6mZQwASL46bQgQSSBQQIBBgBkgUECAUYBKAGA4AHhuPcmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCntQLSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItODkwMDA2NzAyMjg4NzkzOBgA&sigh=N0mQldhcKl0&uach_m=[UACH]

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 2E36 21 KB
8 KB 109ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:36:29 GMT

GET
H3 200 16060773021698601639
tpc.googlesyndication.com/simgad/ Frame 2E36 25 KB
25 KB 418ms
348ms Image
image/gif 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16060773021698601639

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7dc4ebe2135b6c6753aa8ab4663ecc848f5c4042d50490d5c6ceeb1194f5bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25439
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 13:25:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 06:39:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 2E36 3 KB
1 KB 129ms
59ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E36 138 KB
42 KB 130ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 2E36 17 KB
7 KB 123ms
53ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:24:43 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 2E36 31 KB
13 KB 129ms
60ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 09:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Jul 2022 09:36:39 GMT

GET
DATA 200
OK truncated
/ Frame E40B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 051e047c2669c55ef50ddcc116c2182ef7bcc4cee85d2387ae779e2e295f8028

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E62
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

117ms
117ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:53 GMT
expires: Mon, 04 Jul 2022 06:39:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DACA 143 B
163 B 43ms
43ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 05:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F4F9 84 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 16:37:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 04 Jul 2022 16:37:59 GMT

GET
H2 200 9577826414661617477_11262097692074653783.jpeg
static.doubleclick.net/dynamic/5/332349344/ Frame F4F9 49 KB
50 KB 130ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/332349344/9577826414661617477_11262097692074653783.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5faca302ad89600980495ffecda3c32dc6d9635adbe273672d33e7043633ceb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 14:30:11 GMT
x-content-type-options: nosniff
age: 230982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50041
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:09:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 14:30:11 GMT

GET
H2 200 2228299004628151713_4288798044864035770.jpeg
static.doubleclick.net/dynamic/5/332349344/ Frame F4F9 92 KB
92 KB 188ms
99ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/332349344/2228299004628151713_4288798044864035770.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

084f82a48a30e0321b7f80708ad93429917c89b2fa105efd5197a5397ba73937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 16:55:33 GMT
x-content-type-options: nosniff
age: 222260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94462
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:09:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 16:55:33 GMT

GET
H2 200 12652541144028209914_1629085622078441039.jpeg
static.doubleclick.net/dynamic/5/332349344/ Frame F4F9 70 KB
70 KB 212ms
123ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/332349344/12652541144028209914_1629085622078441039.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea282348ba7721a46dda4b470f183b0a7cb1134c090d979da736565a0736f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 19:06:56 GMT
x-content-type-options: nosniff
age: 214377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71373
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 06:09:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 19:06:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame F4F9 21 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:36:29 GMT

GET
DATA 200
OK truncated
/ Frame 2E36 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e0e523821b2daebe06e46364174b6bb24387892cfdc2aaaaf6b9cb5b9ecbc73

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DACA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

79ms
79ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:54 GMT
expires: Mon, 04 Jul 2022 06:39:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2540 143 B
163 B 38ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 05:50:48 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F4F9 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4F9 138 KB
42 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 06:39:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2540
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

82ms
81ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:54 GMT
expires: Mon, 04 Jul 2022 06:39:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 06:39:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame F4F9 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:24:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 529A 21 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:36:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 529A 8 KB
716 B 138ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 05:01:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 06:39:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 06:39:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 529A 14 KB
3 KB 282ms
179ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 529A 354 KB
123 KB 187ms
85ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125445
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 529A 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:24:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 529A 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYV7-woxCcYlhFpl99An7uHhwvHeef3GLguXRuk6VligP1o5khSw-8Wx7yoTvhapkQxljcVDT3VaV9QSwUCf7CX82QOA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 9B12 21 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:36:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9B12 8 KB
716 B 119ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 05:16:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 06:39:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 06:39:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 9B12 14 KB
3 KB 270ms
180ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 9B12 354 KB
123 KB 131ms
42ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125445
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 14:10:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 9B12 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Jul 2022 06:24:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B12 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwrEhwGAZItal0FNYXEU8FtdZ4Zg3lQ_jSV_nmwRuHWNTPp9RlYfDy_JVvSj8qCiT6MWHbExEvsDqDnHL62Hen6mG3mQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame C850 36 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 068B 36 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 58EB 36 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 529A 0
54 B 861ms
287ms Ping
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l56dh8t1&c=3090388295278&slotId=1545194147639&qqid=CPPgnIfQ3vgCFUy43godpVgARA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 529A 9 KB
10 KB 171ms
84ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 555011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 529A 15 KB
15 KB 134ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 588727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 529A 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CY_R6OYvCYrPgIszw-galsYGgBPTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAcgDmwSqBPsBT9BeJt1icQwf06DlqfkSv4-EdGoBqvT2pOPpj8HHMXDh1Gczuaqsf_qlS_byPiXVMDvdJqyWvt3jsGYC85wruJNYoKFrP9j46MYytOX9cLiiuVfGlJM6ZuvN23mYuWNbUOmUjWo5xyX86SfBxcFvJ8stTzHhGki0jK91H5qOdZfzy0lWxMuHftP_cHA_-KDto8cqvb95zyWhSsWeQt4-Unc0vu7-DqY1iGNzzr-n2Q0s-qKUVmxLZIp6_d4CkGJwzLHl5tGyLgbkVbKG0omWNg7VX3Y_skrCLd0WHCrMR7rZnxuVDz1nfQmZjkVRBx33Nw-HgwnkfkbRVDPABJKEnMSOBOAEA5AGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoByAsB4AsBgAwBsBOS1MYPyBOQvb_gA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1656916794331&ai=CY_R6OYvCYrPgIszw-galsYGgBPTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAcgDmwSqBPsBT9BeJt1icQwf06DlqfkSv4-EdGoBqvT2pOPpj8HHMXDh1Gczuaqsf_qlS_byPiXVMDvdJqyWvt3jsGYC85wruJNYoKFrP9j46MYytOX9cLiiuVfGlJM6ZuvN23mYuWNbUOmUjWo5xyX86SfBxcFvJ8stTzHhGki0jK91H5qOdZfzy0lWxMuHftP_cHA_-KDto8cqvb95zyWhSsWeQt4-Unc0vu7-DqY1iGNzzr-n2Q0s-qKUVmxLZIp6_d4CkGJwzLHl5tGyLgbkVbKG0omWNg7VX3Y_skrCLd0WHCrMR7rZnxuVDz1nfQmZjkVRBx33Nw-HgwnkfkbRVDPABJKEnMSOBOAEA5AGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoByAsB4AsBgAwBsBOS1MYPyBOQvb_gA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 529A 29 KB
16 KB 155ms
62ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CUFRydjdQJPCmj_d2IeRGchodSwMdAyf7Nda2vuMy5G5tdvA8vkUckLBfmvoRYkRasL1vy_93HA9XsUW3FR4A8wgznJA&cry=1&dbm_d=AKAmf-D5iikMrSi-Vq5PNpOd2EinJ8I3yP6_pmNuvrYdGOrqzd8I00rCBQKWgDmLsN8kwt24_5l2tHKd2QDC9qGaN5LKaJY6ZpR7mE64uJh7ZBaj40r9zq1O3gpiEHQv4FVl_NNoBngpv1QkhiF0H-2l9oz2WAfHVlmpQg3uq3kiDJYfoq-F8ByVQ6Tx7Bx7rHAzXV1QzRcZ-W_QcjesrioGaUZrDgvGyQsU_e9geRt9QGd4s1Pa0rgITz5KMRWgu7lpBvQzaQ8rSJXnXbIaAFhpooSMKrKTIwHk70CWh9N41O6AnwvZBxuHS89-byXerAMv2ZKtimMRnTabXzItAqX8hWc3JqioJPwN1wO8LcgmxuyMoBjBn6IGUgJn6KDwDOk9AoHUjLxKwuawI4nbxHYZfpDKCQskbHVkMI2HqibOezCoCMJd-_msRob5my1zK7eKJQyzEmDX-8VFFFiJZmfkyHGRly_PzomjgW0HYaU0msZK5BDj12Pa0pvSfV5pUtkp_CDgI78LmQWoNU74BgWgS0LIQyxt9REvs7bjje92gxEUp9IagVSZoxt-XLyzZMcdAPp7yvUxZgCZBlSW5pduzohPs7e39cKSpjH-dl-uC50njQTD3va2YOvHJ1JfFt79jPflDExbfpVOjfTRFnTmjfcv-AGEwyuWNfgZUYxL_1tvodSXkL2pkAVFhe-hDIENQ2htgFBNecSjUTjng9XMz8iEIwhJ5kSLnRSWEqAMyX6-rn8foY6ZxaKB3mIdSojZfHuRXQ3ZKpiTulFKVilO_pSFRrhAbNhPQ_Tvq43I3tQ1u7UEpknZAmELlsyZLhMUtqc1M2fFtwZdjooVS19GmLTY4Qf0bl8kfIYZl3z80NZ1nVGeBeMSa5-SYNlumdJnjC591joAkzxZgviA0Ldzj48MQi3LyXnO3p9hEjM_FY8UinU_q0LQcpI8mkOQtVBaoPYM_lGsuagnU9oXugx3kZ4t2HGZkqFmm9glgJCxsVVMdS1Kf44UrX_3My2skqoVmNLS0HuhxZwUej2faomna-B2qEEY6NQGxE92RbSVeQW5u1AS28n-8L2cZcRnLdt12V_o87s2n4rMiur7-9HfMqjnSzMFfUI1PIPSgRYn2BOByhqWapGDOxrQZzpNAavRjwf1t69j9mk2HzNEhx6a5hZjMaiZj8_jpflmF9GRkWxZe-0tmBQm4WnFLJVNg6RsmSh-NJkG1Dmk8Fcw5iEMtT143FN6z-UEBCLk5YoHMrXvmWdTcQWStqARK0VcO4Tg3QGFBuTqGzQjtHV9i-1mI7WONJV6f6jeGNkP5fD5yg5Yj0nrzV-sOzBhP1lMhkvHP1pQSC2YprWes1wqWlRTQSIKsrC6xm47jP1EWwcjmS8Qr9L9wplVd7AtjSDBqQ1NA22ysD8TpfWRblvPPiqTB9VHaheOiCb3zf90zLEwMfS0mI1_pz_RhVWY7yRXiio-JOg3XHVasinF-blbLvqviI4C0E8vjZIx3nY5JFXxIDZSWYU_QSalUjUdDXFBJwVHV6UQcFGBxjADdiEgm1FdEOTXzE2IJ0wI4uJOxUQZxDaNQDSfwlr7KyVnFljT6b2LmVZHw1IRX2WEvYKQvCEz04UcP390E-b9NrToNpzidW4E-QPefeTnlnoi_kS5W48fZtXpxTF-spEatO47aoWLFPV09xUIxlo0-4SOLbex_nMGBw8D8Z0qbtWGvfdINHlioGy0SfF9UKYO0xNvCo5rKAq0PWWoFsng7Px4yw7YAaxpmzCoS9FPZh7uo0c1Y7QcfcIRpI7gV0qhWPqkON9vNvPP2I7DtsAZssI4UlUc_Qu3jPjOR_kZp4HOGzNXq3Fqu6yqaxqRJxz6L7IXnrVzJgn72aR_uouY4R7oe6u3UTa0lmwrOcqOO74Hs-wFput2IAGTFfsO1c8qOBxUmQ4UM2ELeuBUVdiOoVRcvgX45AHSdwx-zrNMBGvAmzPZLP7Ruvq3g3dO844GUbkfeNM3skz22081W3HS-VKZTWnDqxZk5MBQF4Cd5tPfg9FFLzc0R-BANo1_7ERwZ_q_yttC52jUSCd8pPY7HxL9kyEU72icYYGiht1_YqhFMaePraplrNBWvCiaV1kPDqvSKra2lc8mBTv_6wmu356Ii5wOa4O1Qokjdl4avYvSLw1BnSYV1Km3xGSOr6LUuHprJA9Fap8pvh6JJOJPkcqyFxitTyaZ6Altj2EEF1RtMNUxXbEaokRIieCRToqrTrS_pXniYKNVm1yzsQUQ5z4i0uVogpatGUUHkRFQIyMollx_qBGI_CDwz3TdLRWf9TB1yC1vW1dYkgKzfAfX9HtXrXOMSgk0cEI5gu0_F_iyV1qM6gR4A6Qhyn0t1YJu4yt9U-YTFrBWHoIQg3o1QTst8B4KFw2Nwd-iAl879y4o48yLjMQre0H7QdImCaTvXHgnmECmEr_h-OYMpg1Sbg4peh4_HzpDxp2L-_oPRLn4FV9_wVXLgVh55FuKvMs8M_3fjXWSd3LflkCTHFw6xg0x9-KJX6XC9vWbGpILTVW1QdrU1J0vAgeaSQ7cekFAqwJycn3FcsWDiPonY8I8dBsCpIziwYFnKpZRT4o7p-GwCnJCFOBNj60Kmu3MbiXv_OWjqyJtG2XZWMJKuualZ0XaOi6KeYdkccG1ybyAgTkmcZU2gRWgVfDMUKDpQLW7k9F-uQjzOg3z3tU4Acb1piV5MKU7i1eKetT6mD2BzEHTr89ep8XsmD2sFPNn2UhModNZmN82v6vJvpVg8vpkfEO-ZlQxEWJoZRZ0saTKdONCmARuB2RgtHZXuJvUYRQL1z1OhJsURs7BcdbPrCFAaf0N-EqJhhUSbDwdCsNfa5YoFMKmdh8xWcDtMscb65I08hw2EbagwT9xbgrp9LzBIhVvGLdjVMg1HgxFdGOqb3I6ehxxaTr0tI7O3v7JV9kcAI5rDfxmez9KJRXi6Ji4GNyIS8241gPclexweDrEVfn80xOxMCoBDYXJgvmUiKJUEUQ7vXu_wlmXFKPyKFOfWGx6oAOn7OKX9R2UGRxt0iWvoxnCJyTj0eCnHzJqwrMk1zxv4GIIE9M2P2TJi9NVKNWXIXzL2cz-o7Vi3kXMifFipWsq087h4PGK2h0joTrCd9MTjYydutMi7lOjCyc9nFM32tHe7KVATE4GMStYYmndqQaTkyWkq8fG3cUHStDU5g9NUQESKFo-J9n8sP-ZRDkrz4rcftWfu4TsxwWfzNijJ0AofMA-6qMzZNHR9ABn6xV9LKH4y4H7TKv39sX-I5iNcJwrlBOwCqy2M7GQ7aVhHo7Fr3UcfMj3DP4_43mvNjIuwm6_f9vJs3S2BeAu44XbF2rOZW8zYHcc9hkIPTdWYuEiC9xo6XFf-Ewdiu3RM3T2tKRwBxT_Xm1FToocbYJD5VYMhkjYk9DlT1DTiZzfm6iUO0qaoGliCY_QiIeDmngdEQBzAAWpAq3NHB2skzgsRis61gmupggcfrR9GE5DJc5rJtI8R5qYCNDbXg-xR9yJ2CwhTl4L5N2sfFkWecrzZL32CLu9KcLDyPa3CTySdh1fBzQi9ujHeNG3RtNyk6sjMBhyql6lTex_qPN3xQOEOTGwSi7iIqpKXO40zQxk25YxQD1r4Ju14qnHEk3n03U_YA9LrUCV6k-4weLD-EsoyvUoY77yn01DczVj-ARytTT5IXxjF3HAxN17yV401TeUfujRiEy4WzchFNqCdiraB54Xrw-7CNvVzlQvZaPE6VqyZ1sQzWhTnbrsNjOeC2v89Lft6VsP639e1dtlFlHQxhqZPrJAMyjwju0Up4l_j_rcRwtJlKAKNysZhg07MCW11jseXiOMWr5GFg&cid=CAASJORoMhoLLVOGUNyXycFdj_49nx1kOOhTAUy-5_sq3fBe1StpJA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

d70fd41fc4185a97b37aba861add07ecbe292c81ccfa9872d3aec03fd116eaf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15532
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 529A 0
0 79ms
79ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2_kHOYvCYrPgIszw-galsYGgBPTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAaoE-AFP0F4m3WJxDB_ToOWp-RK_j4R0agGq9Pak4-mPwccxcOHUZzO5qqx_-qVL9vI-JdUwO90mrJa-3eOwZgLznCu4k1igoWs_2PjoxjK05f1wuKK5V8aUkzpm683beZi5Y1tQ6ZSNajnHJfzpJ8HFwW8nyy1PMeEaSLSMr3Ufmo51l_PLSVbEy4d-0_9wcD_4oO2jxyq9v3nPJaFKxZ5C3j5SdzS-7v4OpjWIY3POv6fZDSz6opRWbEtkinr93gKQOnE-H3YczCCopXJINhCadH9z-DwhyK3k9HhNwxzAI-VfazNuXmPEqXBTEXMrzwe5rUsgI58Hn2pjwsAEkoScxI4E4AQDiAWJhMPVQZIFBggDEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCvkhAYno7KzQHSCA8IgGEQARgfMgKKAjoCgECACgHICwGwE5LUxg_IE5C9v-AD2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTg5MDAwNjcwMjI4ODc5MzgYAA&sigh=K13lO-sDWU8&uach_m=[UACH]&cid=CAQSOwCNIrLMX6Tjy0snoZtuVbmsDJ8nzCQLC2z0xZCCACsEDbvmVYoNZ65QjrUVWVF_50WfB-DtD2kVR7e1&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 06:39:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9DFE 1 KB
749 B 46ms
46ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 62022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 04 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9B12 0
327 B 829ms
286ms Ping
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l56dh8ty&c=730497841799&slotId=365248920899.5&qqid=CJrznIfQ3vgCFY-L3gody6wCKQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B12 9 KB
9 KB 150ms
91ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 555011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B12 15 KB
16 KB 99ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 588727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B12 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvYmJOYvCYtryIo-X-gbL2YrIAvTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAcgDmwSqBPsBT9DZGcdyxrlSdWm6sBvfj-037Zex4MBTzh67yE_TW4qWljTM-pMbIl0fk6GItPLDAKXawUhxUjyydtk_n8UZjy-WoHNao-hmkwSRDbE4_cKk-sklXC4RcjanG0Ftz58beo04OmAwscexGMJowz-2bA3BK8OqM4hvqg5CNWfvjx89ZMFYVIgC7rwxtuhuFsX7jZbFA8xLML3vltoegLgNa7y7mqrXo_rJKeckyGt2U-79q4WEDIagmcZ8mKITY3GOu7vOJVDnrkG-x8yV04HioOJJecWCZuR0mK2l_QIEaPolR-phNXfgPu6eYtFZ5-W9OFtgxig9AAcRzM_ABJKEnMSOBOAEA5AGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoByAsB4AsBgAwBsBOS1MYPyBOQvb_gA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1656916794363&ai=CvYmJOYvCYtryIo-X-gbL2YrIAvTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAcgDmwSqBPsBT9DZGcdyxrlSdWm6sBvfj-037Zex4MBTzh67yE_TW4qWljTM-pMbIl0fk6GItPLDAKXawUhxUjyydtk_n8UZjy-WoHNao-hmkwSRDbE4_cKk-sklXC4RcjanG0Ftz58beo04OmAwscexGMJowz-2bA3BK8OqM4hvqg5CNWfvjx89ZMFYVIgC7rwxtuhuFsX7jZbFA8xLML3vltoegLgNa7y7mqrXo_rJKeckyGt2U-79q4WEDIagmcZ8mKITY3GOu7vOJVDnrkG-x8yV04HioOJJecWCZuR0mK2l_QIEaPolR-phNXfgPu6eYtFZ5-W9OFtgxig9AAcRzM_ABJKEnMSOBOAEA5AGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIBhEAEYHzICigI6AoBAgAoByAsB4AsBgAwBsBOS1MYPyBOQvb_gA9gTCogUAtgUAdAVAfgWAYAXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9B12 29 KB
15 KB 146ms
72ms XHR
text/xml 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C012ZbRzGINiE26HNmulc0Ut9ssdXtnG6XczvE93Ds0PR_udz9MhaSwsWzbyvsBt_d6reiX0F4bXEWkPUg65EWo51y1w&cry=1&dbm_d=AKAmf-Atug4hrq43vPHOTM-E85BEmpLuFUHAbZDHVMJHHEbWo92w8Z7XM5w9HGz2U_dW79EzkG7FrBoCwIA9IUx1uvArMsymhJ4EcOHK9IY9R8CrMNgkgnk2jYzgYvmiCzrdcBezInTVkHy5TGr5DhrJ-TsHimGJKWTegr85gX3rPyvmZupwocWOjpU4Ku9X6VD9vGOF9_kcWCvFDAMq2-at3A1qcvNSG09gPaT8u_3fLIOQbhypMKMMZd4adyoxPPp8DvcLLCrDpcIkBMjZh3DBs4aC5iYnNkzI8uMxO2KoPOQfvbs2wVzR2WohUudspBlG39vnpMxT-OsLBb5kSyn0bJGOkj_iWeqVLMoy3peeZfpMEXGCRq5M5xX8x-8oK0xJMFhnUH8A_hWjWIvwcubPV_i8-0_jpyMdmBTHV-t1Ziy8fFWo8Uan8WBX3cE9R6tgZdQvMR482sirXe-BeNXzbP0IPfGEL3nLIqxhjfuNCzoLlKvcZ6LF8tjaidu2QcjEfiecuePWNtcWpr_mUSRwYwuIfpqG_8kfuWCyicstxk9Va8T4UHZJfQyBAWj7OyTtvFA0V93Yrksl84LeIB02rGvcypPPp68eBY_WYu6kU25JiCaFvq3OXuaZUkVSYq2uuNK6MtfS5Fm394LlFhpSZTWgOMSyBvHmHlrxO8jRKZ5lBQgWW_bF2c1Kj7muNlyQi3ErJVrDSIKs4lSD2Cp7BsRCAyJUGL9QdwYI5W0w9YoVL0bpM2z2Ez6CBmF0XIng2u9wv6POGT9EzsWTN1_9lsKDUYGQ6luYoNu9wrWlm4GU0mKUwJO5cXrxiXIEzr86S9Th38sPMezt6-iTdpecQz-w30p5KaTBQdFGQ6E4jZkmFHDvAIa-uwUXtzMruG6fOVJt-Mh_seGSbi2JkgMe8dU46wkTSdnt1WyKGimza0XGdriaB8vnZjiJRaK3VkGjrX8xCxnnIc9pmcwoDmAIIEKJ4U7zOxsZSxptRFixFhWeRnAod9kyTYO5ycmB7_On9D1ZWXZmoof2HdYjBduUwk9vxXhqXUnTgB6B6Se3YA-7E7pjwilpn-UhaWzU2FWTYUdBFIScf-tbgzCDctCH5ttSqsGNeH5wMrk4zmKLyX6EuCrgejraGlxG_eB4R_RvyVv8FbSQKk_aKhSh0wsSkFrlPQy3KKQ5fepwg2QVAq1KMfC1j_QOb7GVmXXP70KbkHuq0bq5BF4mRgkOu1gApDKpTPsJb3wQ4yaGfDpyILhK2RKvMLdo59We87WCaCIznCi5C4S3w1zUFl35JC1sSOllM-Vf86hBfQsJUsjFpdtdq8JJE6nSzxYudtAvxA6Z2K2HRjVJHF8jHv6oONGhM8DwMXKUIEpSTw8kJYrvvDzIOYR-nCIizKgs0VzMANemgV56yEF8KFnhowgf6EN7O-6pDvqTOBGW7k9ZKwQ9epmMYTrEAu9fygcgWH3bhHYhH34FUYicblGUxoz96CiUdRECY0maDBgr4nZwaaJ8Q_WAMycMB8WuNG1ELsDrjrui6KqCkH1G3EyWkPoWHyOoHIkR97lBErvPl5SdR5FCigKo5tGfiWx-8Xw8LiCTgwfV61kNq0b_eROzqJORjGHysmPlAE21AEejlp3ELw6_CZ-PqNrqG9KDFUiXH9ptmLaE6NhSwWCgOfq8vdyoQeU6nAiw919AM4qK4K7AMeLchlF4dL9019SVnr93o6BUK3LQFA_kmMxvj-VLhCF8_2b8WBJrhcOfYQBNKYejW9afuJG4jc3gjALFB1lG_ucVlbtt0PywHUITJ1YS_sh7zgDE8mKykJjVvklJijVYdufpFg08ur_UIAn0edjyroYtbJQqGhw99spiVxiqCntAPkUBFqubIdEjnhkPv59jXoiU4QtQYIw9uc1asmI-s6-PP7E2ca-EPjfCmKunKDlYOoWX84f8qH3Ny4F7FhsUlp-A3b8ftCoRz07tt5j5vHZj_F-E3h8Rfpgu9rNt5gaD2pnZj_vs3kz2s_Ih3Sm-f0bTC4G9iXl7UZmdpEBPpkDK2pcoTlqrZlWC4NdSPDkJU4H_KqEfHPXhPXdXt-6Vfv_k0qgWR8n6-Mj1KcIgXI8dHTcj8zLOYL0FaKQJlG1ALtZ5G2_l79UZI5iQapUtsgYxUhLBAou_QBInw-yLMnT7sNpz6uORKA2R2tYdhr-Fs5takPAB1l3_grDKEaIdxPJMIQdd02HlWNBEHBV95NAunmKLIkbUy3suYz7gtH7TYTw-V4iCHIHLpGbequ_a48scz6Gigk1DreieiGX8aMHIY5l_JIHDViZsLov0ZNxFK4fckR7VBNcxEHxm-y19Fm9y4Kow3svjJ0BIC-huedw0k90I9M5MivA6Krfwc-E75YFsqsZ5R-FP94pkW33nD5_FWBbDRzpVL8MPd22JgRqz1v1Z0krgd25OuyS7wZLdSl73r6FgPGyyvbZl9ir7Af-VWClRTPwkIqeVpQNftLgox0RVx8G6pNQNpjWFSx7N8WslT66iYLFSRGvffJafN7Lb3VGV9rTkX0e3qIERLFjR7F6-juW5kFliHM4g7JE2SssNnckruS5IllwKT4kLxtuY8E30Tu0bDHdHhzsTvmcMF7V2RiHDrKJqRVt7BBkW7rpHYxlMSnsVV0mrITR61iul1Fu1aur0u4QE9kH1xR3FE6BMI_oR5Wts3oRJeCdgH-moV_7opeo-ffaFZFL0U99ZhRooppesyFUIhetu4lQ9LAshcdKb20T7QsbNkHXId2NfIx3idLmhydbqUX0rBclrJ89pkYfbBf22gBHNzZ3tfA7npnD0vIa7PzOl5nhPurR-Njxqfdm8AUVJDKlTy8V02PYKlLxYhsEN7xnn1J2TZZoL78mSEjmoTrDjl948qmAOUBDtZGfIdRhXVItfdqlDMArNOIWLf7NnHzwdqoWca582qGRsT5d5Zxyurmtpt0JHqN_qwrYQfXKkvHpxp5oEWi-A99k7BAAhdALk5viYEMH58uByp7irWj-54wG8IR8f5FH48JqvMpjDGyC-HFRGjYRdYQjKXMY4G6hgC-3H37c_--G-1UxgFMpmzsDVeQS0mKfsEqguaglJhw1IWSa3LG_iQzg40A-aze7XLYiG4D5uAbFr4jfdnevoN_rSRv3UDr-xGhuEupAdBzm8EX0Q9JcAf3r6Kkv7NWN4CtSSkrP980EsBoN-JKmeUbIlZVjxiIpMS-GaVSi6oA00v3S37t8qLxfr9UM_TZmacMTOYVnfb3ijWCbxKirikuwokF81CHxFrwUvpnmscHhaI4qFDRD5uaxDI-iIspt1FRW3IF5rYuEnSYIN15UOT4dByEFGrW2MYqqpFtMVf4lOezOFYkgr-PXXUauJx1l3Ov10K8jyRKUlLB5O1aPO-h3CEsUb_Xr4dHMcXqOS_edTe-15jEaGzcloTEUA8aXuGBsu57HXE-SofmZ06Li0dtXX_rfUEYpxQ6N3GiFz_imq-x1eQCN5lvwm4BKqH3ENOplDWbLEWZQ-xi0D4zvjbWDPSHTuJfGRsiYqBzW_htYQFq8jXVEEvQ_gLfbQ0RZ_yDOVoNSdp_GMb7g_VFFe_il9AZnvsGVVL8VDc_F7QAiPOE9WW7ZwoOb_qpQ9o3MIz2c1dU5Nq6pcc2xmqTXfU4xt1VpRRekXR6v82iK4i_5f3XBehK0ue2Gw9GtvW-kKYA5MLm4OMkJr3BfAPHxDh3vMFETTdnA9HlUpVWN4b0ix5enC9o7gUDaiu09wlPXpKAkbpDtmHyrXiS5iff67y3N01tzNM1TsPM77YE1_Qa3yCui9nksjpGbQETGdWbyQjNZy0A7GZBb8FjsZfbULbu4Pxz6n1f5Gfh5zew&cid=CAASJORo9Dkyf8iQAEHtr16vMDN4tif6faNgflZ2BWOb1KHz3PM0pg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

cafe /

Resource Hash

b94152da0493816a29e9a87e79f555938bc7b11840f15e14caa7a4878cbe2804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15316
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B12 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvgsXOYvCYtryIo-X-gbL2YrIAvTz9_lqsNmi14EQ25uy0esBEAEg6drNImCRBsgBBagDAaoE-AFP0NkZx3LGuVJ1abqwG9-P7Tftl7HgwFPOHrvIT9NbipaWNMz6kxsiXR-ToYi08sMApdrBSHFSPLJ22T-fxRmPL5agc1qj6GaTBJENsTj9wqT6ySVcLhFyNqcbQW3Pnxt6jTg6YDCxx7EYwmjDP7ZsDcErw6oziG-qDkI1Z--PHz1kwVhUiALuvDG26G4WxfuNlsUDzEswve-W2h6AuA1rvLuaqtej-skp5yTIa3ZT7v2rhYQMhqCZxnyYohNjKY9JFV3fTXUo4ijaSAObfAvlFKAHexAwWs74s68hCy1wK8-2r5f-4_cQ9nTHWw9ZVQEvd3hCvrMdg8AEkoScxI4E4AQDiAWJhMPVQZIFBggDEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH2KTUrAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDXkhAYno7KzQHSCA8IgGEQARgfMgKKAjoCgECACgHICwGwE5LUxg_IE5C9v-AD2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTg5MDAwNjcwMjI4ODc5MzgYAA&sigh=W_JNeLMGdBI&uach_m=[UACH]&cid=CAQSOwCNIrLMZ9zvgSSzjQhRRKt1ZGTeFyOuidv7IvoBvc90amunI1VNyn0D0LVvjPpzA-pG90BCUILa6Aql&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Jul 2022 06:39:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D9DC 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 62022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 04 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 529A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f377a72bea56583af908ba10e14df6683815bc2329741bf5da21a6f3fb2623d6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9B12 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 835edf469f45b32528e1d999068479d0b1733c1fef59ec056275643c1aeb9296

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9DFE 35 B
464 B 140ms
42ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEErQi9nCaMF6Nct9xiMI_N8&google_cver=1&google_push=ARnp8GAYmyFuQxYQeHsZB2dhwQt4YmqqGeMRf75yWeXqaLXA1TEK_uKmQxQR4ofXu8-qdakv0sDPG75vve2OLOdUu2gX3Xrg2LVp

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DFE
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVE0An...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GAVE0An...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAzNzQ2Mzg5MzExNQ%3D%3D&google_push=ARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6j...

170 B
188 B

50ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAzNzQ2Mzg5MzExNQ%3D%3D&google_push=ARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6jVYoTTov_TDNt1TzbcZ0EpHBTPwi9ap9g

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAzNzQ2Mzg5MzExNQ%3D%3D&google_push=ARnp8GAVE0An23bl9SRVifsySEZJ5fEUIffIheNRxffMusIW5dpZMlonwuarPuWkSb8Y6jVYoTTov_TDNt1TzbcZ0EpHBTPwi9ap9g
pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 04 Jul 2022 06:39:54 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9DFE 43 B
135 B 101ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJCKfW7mTvpFY88x1X8NgF8&google_cver=1&google_push=ARnp8GDXwFcKq5F4qb4o0tlQPZAyOdp4wXepb5e02mIRYPbjWfn5Qd_Txd6cAbL7yAJxGT0arn8e6yL-iKBKB84L4T6oBvW7JYl2RQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 2uctjp00jlqvuqrcnjs2io2nmdlb0mva

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9DFE 0
166 B 95ms
26ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHtaYIF2SmmkamEmaIlwuzk&google_cver=1&google_push=ARnp8GDIY_WtdQ6q-wcVpqrJdV8BXn0OmOyuHPnbbgbj9cvf5d_ltHbB-W4V5lTNAqmoyTZfmXobqbX6Rnv5ymmizICmpCy1jIoR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DFE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEYbbucFwLsvJkkvuwsN0nM&google_cver=1&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFQtMjUtSzNEWQ==&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48z3Cfp0XTpVoeJoXiZLM3N1cY

170 B
188 B

171ms
51ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFQtMjUtSzNEWQ==&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48z3Cfp0XTpVoeJoXiZLM3N1cY

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFQtMjUtSzNEWQ==&google_push=ARnp8GCBlNk-veRiBAQLnMWPxOcq0zLBRuaCsUp3jQGv99LJOKghBuEVaaZMO928vA-zGMbbd48z3Cfp0XTpVoeJoXiZLM3N1cY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DFE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJ...

170 B
188 B

49ms
49ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJJxtDxcAwtN3ffx4Vdwkt6R3_g9J1t0jeLZkgfls0Gu-FSoBICpSOn4XiPa99MXBjA

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZqiAma24ZOcwyN1QRB2EvX5wKQ9hjSnTSZzmLhCSwWI8rApJVnYmkyXrbfJ86BnqNl%2Bnnlubzmf1Ke2JzbUCa9LLz%2BTu0mRlHTG0zZzz%2FA0hjhj4azdnBiIrdyBEZdz68cWVNDiNBXj5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GAehqXFBynSdvkdYgKYY8_K3N3VlpgwJJxtDxcAwtN3ffx4Vdwkt6R3_g9J1t0jeLZkgfls0Gu-FSoBICpSOn4XiPa99MXBjA
cache-control: no-cache
cf-ray: 7255ddcf59db76e4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 9DFE 0
44 B 820ms
265ms Image
text/plain 52.199.73.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEFeWrnQHxST-aj9JDGwZmeM&google_cver=1&google_push=ARnp8GBtrg61TVHQEe4LunX7uF8PaoVk5Oy5sOhsJelsk498DfjNb9tty5-VyQG09bYtnvcFHOOTBXLy8SuDe15f9pKx3YF-AY__OQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=914594037&pi=t.aa~a.572225079~i.13~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=-M&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280&nras=2&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=9OzKzx1LdE&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.73.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-73-68.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9DFE 0
223 B 154ms
46ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkpWXYBKRTZFfhI8qlzBGFyV4XeiAlhCjv1A-j2nWBXm-vRFOP74csYf3YgBzEngpEAKiM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9DC
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GA4OXza...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GA4OXza...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAxODQxMDU2MjkwOA%3D%3D&google_push=ARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoE...

170 B
188 B

52ms
52ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAxODQxMDU2MjkwOA%3D%3D&google_push=ARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoEsmN40vhJsYYku-m8OFHCOu1f7UVu0

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA3MDQwNjM5NTQwMDAxODQxMDU2MjkwOA%3D%3D&google_push=ARnp8GA4OXzaFGwo4uPNyVWiixem_xy3ozuNE45M9vUP3iE0Q8Ja2oyQbz4eb9trGlKHoEsmN40vhJsYYku-m8OFHCOu1f7UVu0
pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 04 Jul 2022 06:39:54 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D9DC 43 B
351 B 91ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJCKfW7mTvpFY88x1X8NgF8&google_cver=1&google_push=ARnp8GB7QbyrH_5vE8FcMbyspbjVwF9y1XVFz6qCPDUH5DsuSxv4_kw4S7l-HWe_4R2m7Hh9am2RNLoXwpr9c5-btFWxVawv_Yc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 245m8mf8hj8q5sr4lu6ic48fphg5v5o4

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D9DC 0
41 B 86ms
27ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHtaYIF2SmmkamEmaIlwuzk&google_cver=1&google_push=ARnp8GD0L8_ndXfkrN6gBKbwP2P9rovM6wwV3OnMomQ4zeJmgdmFlfx1m6QIEhtQcjsGJJzUoNxdep_Q4PzktWLUGECjq4BM7KE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9DC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEYbbucFwLsvJkkvuwsN0nM&google_cver=1&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9G...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFctMVgtNUFaTA==&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9GXpzbUOj5-CuuA-HHJ49ysGDA

170 B
188 B

169ms
50ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFctMVgtNUFaTA==&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9GXpzbUOj5-CuuA-HHJ49ysGDA

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2REg5MFctMVgtNUFaTA==&google_push=ARnp8GAGrvqkqGFdkaF6UbUyYqC6xx-3Jeqde1avN_7wyjYp_AA-x_zD-3pJ_STiOD9TprpQn9GXpzbUOj5-CuuA-HHJ49ysGDA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D9DC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKx...

170 B
188 B

68ms
68ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKxBgHVMUK6NJRX_aFZdO9R948v5uYc3AXi181MM2iGmuCd_h1MhZjSrufwdkPTjQ

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyxzLrpAnNdhUARKwt733ytxBTgTIMkd8KeuHTAfjN4%2F4wi5VMN2TMdthyt%2FOjjwdo3bp8%2B1l3ZsHmHmwh3waDpONgDc7zc%2B4%2F3%2FZpO1kqVEX%2FCVlGasIDemUT4vEQ9cOIs45rXqbX8TUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELdelHxtD_e8wgKXVWesUP0&google_hm=YsKLOrEn-H7DB_H9UfUEwQAACacAAAIB&google_nid=index&google_push=ARnp8GBL9IOfb7g0u-paWkY3wFAUAVbN2DCKxBgHVMUK6NJRX_aFZdO9R948v5uYc3AXi181MM2iGmuCd_h1MhZjSrufwdkPTjQ
cache-control: no-cache
cf-ray: 7255ddcf59dc76e4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame D9DC 0
43 B 811ms
267ms Image
text/plain 52.199.73.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEFeWrnQHxST-aj9JDGwZmeM&google_cver=1&google_push=ARnp8GC41WAjYvpugKnlfi-sRoCHe1LSCcv85StQh-FT7BvlssncF_5BrBRm3NFhgPkvo6VWLvyEfU8DfazsrC8QOpNpVlOarws
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.73.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-73-68.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
server: awselb/2.0

GET googleredir
googlecm.hit.gemius.pl/ Frame D9DC 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D9DC 0
40 B 145ms
47ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IyaZoTdFtM1VDGptc3fPXURj-bpnmfkzVLlIDBrTDrCyHCnBmZwHjfltWkG6kQh-STJGINQA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=22033641&adf=695293775&pi=t.aa~a.572225079~i.31~rp.4&w=777&fwrn=4&fwrnh=100&lmt=1656916793&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&psa=0&ad_type=text_image&format=777x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=194&rw=776&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656916793508&bpp=1&bdt=1118&idt=1&shv=r20220629&mjsv=m202206290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3827089484964234-22eeb90cc5cd00f2%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA&gpic=UID%3D0000082ac2439c96%3AT%3D1656916793%3ART%3D1656916793%3AS%3DALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg&prev_fmts=0x0%2C352x280%2C777x280&nras=3&correlator=6084868307703&frm=20&pv=1&ga_vid=1548317444.1656916793&ga_sid=1656916793&ga_hid=933122935&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=2542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44766559%2C31068260%2C31068308&oid=2&pvsid=3648112441835221&tmod=301750697&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=JX6jlX4dxT&p=https%3A//megaznaika.com.ua&dtd=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 529A 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 11:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:26:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 529A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

234ms
67ms

Fetch
video/mp4

2a00:1450:401f:4::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06584164143F18932F995794EE1538AE3EA11CF6.49CF82F525741FCE408E2F164504FB29B0E5DEED/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1656915709/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:401f:4::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 06:39:54 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 837881
Last-Modified: Thu, 16 Jun 2022 08:05:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 04 Jul 2022 06:39:54 GMT

Redirect headers

date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/06584164143F18932F995794EE1538AE3EA11CF6.49CF82F525741FCE408E2F164504FB29B0E5DEED/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigzrn7z/ms/onc/mt/1656915709/mv/u/mvi/2/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B12 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 11:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 11:26:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B12
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

230ms
65ms

Fetch
video/mp4

2a00:1450:4009:4f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0552A6108327F0D655F6FE435B9DF17B86FE9065.2AD33F5D0DF68B27C0ECFD775D1D675D8BD6EE73/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigl6nek/ms/onc/mt/1656915983/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:4f::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 06:39:54 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 837881
Last-Modified: Thu, 16 Jun 2022 08:05:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 04 Jul 2022 06:39:54 GMT

Redirect headers

date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0552A6108327F0D655F6FE435B9DF17B86FE9065.2AD33F5D0DF68B27C0ECFD775D1D675D8BD6EE73/key/cms1/cms_redirect/yes/mh/5q/mip/2a02:8c8:c10:30::13/mm/42/mn/sn-aigl6nek/ms/onc/mt/1656915983/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 63CC 23 KB
9 KB 39ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 498711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 12:08:03 GMT
expires: Wed, 28 Jun 2023 12:08:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1CD0 23 KB
9 KB 44ms
43ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 498711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 12:08:03 GMT
expires: Wed, 28 Jun 2023 12:08:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 63CC 36 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 07:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 07:04:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 189ms
63ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a44b17a7afc324aec118ce6fc61b9cc5e6ee9769e241b3837dfd9a4eeb93d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 06:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10483
x-xss-protection: 0

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CD0 36 KB
14 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 07:04:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 257723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Jul 2023 07:04:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63CC 0
20 B 117ms
117ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLwJOOovCYvDQHMKJ-wbqug4AAAAAOAHgBAI&bg=!8_Cl8LTNAAaLlKKnq5Q7ACkAdvg8WuUsOAU0Zta-w3TCSi-vYBSTL4_hCGKMZYvv4oaQ0FZFKUgpSwIAAACKUgAAAAJoAQeZAsN9DJLwGPyf1Jn797Nk4yaaSEcBT-0PZsDL82ngo36-LSLqzqNYM7M26IL_8tmcSlKXWLIbMNIdqTz3CZjVJoZY7SI5ohrmUQJkh8HEM55duKD42Hx1HczGlsrBZRlADfCr0UWDNTPw2ekJhGMth3-W5JlJl4JbKvo5C0iBq5YR_E63PdBfbr1oIixqmRCIUsb6qB37qX3gUoRnJIAcO-vyrP20JiCLxUS3t4tp2Qsmc-PZKAaP_odm6Z83mWZoqu80NFTH6mbilcRUKUYFvZjCF2_n84XYPgpJ5Y6ysg5kFjC9OaIPF-vrFZrPil_zVrckqW5rRtPBCxmE6qlwZMM2DywU1fdkwhcpZJkEHf-U8tb2jMEfr9lZUlfvAlIQk7HPdfuljqz_X0B4O-0BeVNRRx70TvPvW7nZ53Ig2GB0vPoYNDj8Heq9_ydUIsrEBw7QLL1t4b1u3Ra_ZibAqT3tVhwRjiF3J0sjDUGwXDS0wizavORwhSvdI5KBXJJNPmeq7qOrJhCwUjKvbKCnAPY05Xqyl7c0k73fyWKsRZcB0ubVqDlvBg5UZiu1nfvSL-bpkd0IdX6c_79y0qvtyiHIZtc-CgNjx6FgNcVu09XsHaNkU0b5L5LkTCPAGWHi6RfP_wiDzPfavIvzguPsExPz5JO9De7kM0okxELKXSq5pC_2Idw78IHIGSWNEGXGAaKXoEasGXncKyI7uoC9C5_UOOPWbAqpF0TVnMpSp_AJ8ThjnfcWR7XftlElZRdfXvTfa7RzRPSw6Z_oYEd6f6yUGbwSLTbcU8Fwrh7ZpiQq3p2YnEMlmuKnLRH3Seyk9Y6OEsEr30KPoaOBPMvoRFSxxf1lb_b77UfmGp7mu0lTnlvAODtAz-8YAlqTjkkHQ7rLQXg26CesTKUWDdET5bYusRtusoTM4T5_qzFjVJ6zI1B5Yw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CD0 0
20 B 115ms
115ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BiHVGOovCYuzKHIj5zAbr077wAwAAAAA4AeAEAg&bg=!Dg2lDUnNAAaLlKKnq5Q7ACkAdvg8WlgDpM1pdvottUWGwetZEYkXHTsyA1o8VXABd04joNCQML3ojgIAAABxUgAAAAFoAQcKABYOaL43_R8HD01LQ3ciH5NzSEMxfUKjmQLQHsC8yjQgVlAATXETr4OUzGYGhj6nEYP1-dE8yULC7L1QkBcIifiBJHYWlirdZB9YtNVvCqr88f6q_4l_O2sasKJHui0inc5OLexhB2Y-B8p4Y74B6Kgo2CeA0-5ye7noe9W8eRKRSuSvpX9_AqBOdqxAPrPKYH0y4-yXhLhL4rUU82aWWIDSnO3K7DzEaunPANh-HMV76xoRRVnREfALdNDFucEO8XiwhxjwiQT-Zdjs4umabcfy_dJ2bGmzbe-OPjUeg_kxgrAWM-BKZ8y8YIL9aGOSCqui1vBt7CMU1okQh66n_sj6EgXnse8Ex7kdqXWw2unwGSTbNtF0R63T2Yk4ouPO2sWiTBEheJdEB69G5yRbZpCxuM4oEY5CAYmYCsfehWqLk2ZCd7VrSL-b_FTNVZTH0USIrV1AyhQTTNAQZuNqGrju2vYqzsTOzt6WFqtRxZQgjqabBVdU1p39gMnL2KQ0sBXjmWH-bY3PEPDI-E4poQJC1U-KYVwojmxvGuoq8tBrf_xPA0HV1SkaPxepVJh2JVZvG-TFUmJSl02MWWk1EVjq9oYhVBaeX_hDLCpNzx_a4cxIIrgW8nxb6HK9d3dQuCHNxzegb8zS5eySPWHwE9-5u65pf8rbX_c-ugRGRrbRz16TO2UunLEDd_aVaW6ug4UtUsllvciKk5gdNHbXj5eFnVcjnONyPcf8WcuCEybzPVEVAMQxJ-47otZ5qOWs1UQIyw6UtGXvN00oqOmBfYHvBb8u366yyjfycFG5SSdtICTRk0kxIrk0f984S393ANjiVTEzSZOevUPNfzohkb6fmF9LecHjzFd4CkRsa1Ev4AR44ZV0qctVYMwSyu_75pwv6VkdRKLNZaSq1vlj8_IbTS6AZrDZm9T3XlRUwi6oAUN1NQhBjt6F9EcgipqBA6t8Q37-CmuigAvApFTpduITjz0oC5FZJNA6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 271ms
271ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206290101/show_ads_impl_fy2019.js?bust=31068308

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Jul 2022 06:39:55 GMT

GET
H3 206 file.mp4
r3---sn-aigl6nek.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B12 818 KB
818 KB 78ms
29ms Media
video/mp4 2a00:1450:4009:4f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:4f::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1941514d2e6b78cab30359102a29f1977d37a550cb744e58402f1ab18e4b8c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-837880/837881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 837881
expires: Mon, 04 Jul 2022 06:39:55 GMT
last-modified: Thu, 16 Jun 2022 08:05:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r2---sn-aigzrn7z.c.2mdn.net/videoplayback/id/83084dd4bfdf5863/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688452794/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 529A 818 KB
818 KB 75ms
30ms Media
video/mp4 2a00:1450:401f:4::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401f:4::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1941514d2e6b78cab30359102a29f1977d37a550cb744e58402f1ab18e4b8c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-837880/837881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 837881
expires: Mon, 04 Jul 2022 06:39:55 GMT
last-modified: Thu, 16 Jun 2022 08:05:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E36 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZo19HkWZrswNv5l3gR3Mn8GN16R0cME3W2kIpv3CEfgoBLWouHxZsneVjZBJLXoVaNSPBqN70L0ogqlkCOpR_J5mLOdDhJtj3HO4uKIfdlEHjlyPP0YwC1F5TRW_d6wObjlQ&sai=AMfl-YQ3I6C_upyPTAR45bxD5IUePXHq2iWlQ_41GwhYteup-cOX6L6uv5AKmQmTr1AMPLNgq9Iw1NsTfQcl&sig=Cg0ArKJSzJKj_U_AEYMgEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=255,931,1000,1000,1000&tos=255,676,69,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656916793575&rpt=541&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73D4 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 7479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 04:35:16 GMT
expires: Tue, 04 Jul 2023 04:35:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D32 783 B
534 B 56ms
55ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56d382ccebc6f54c688b52085ddfc8a52edca0abb982dc1a6fb3fb347180a972

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jo5dkuDpu0OdFgduH4T7Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-jo5dkuDpu0OdFgduH4T7Mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 06:39:55 GMT
expires: Mon, 04 Jul 2022 06:39:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js Show response
pagead2.googlesyndication.com/bg/ Frame 73D4 36 KB
13 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jM248wiKq0YW9gJU5iyZLO601i5VwbJBYGHxrXeF70U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 04:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 04:35:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D32 0
0 105ms
104ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=3648112441835221&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 73D4 0
9 B 73ms
72ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SyoZpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 06:39:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9B12 0
54 B 581ms
280ms Ping
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l56dh8u3&c=730497841799&slotId=365248920899.5&qqid=CJrznIfQ3vgCFY-L3gody6wCKQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=913&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 529A 0
54 B 575ms
274ms Ping
image/gif 2404:6800:4004:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l56dh8t8&c=3090388295278&slotId=1545194147639&qqid=CPPgnIfQ3vgCFUy43godpVgARA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=913&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:812::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 06:39:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 107ms
106ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=3648112441835221&bg=!5eal5qLNAAaLlKKnq5Q7ACkAdvg8Wu26yZK_2SyMSsX1lE0gEqkDqbhhDzIUNRZSqvUkxyU1D-3z4AIAAABZUgAAAANoAQeZAqo9vXLeAKuZhTjOJAp_l2KkzQSpdm4_ex0H0oFoqEqE_ybraeQGvSK0WkQ_F3TNf3j8xWht0NskXQOCkdTH6-zNqAZGKdfMbuR6epAQng6wrQRG3ka43U6wfX-BUnxgUhLadPprs9CiWXEWnLLwH7Mne8Nse1Tkxf2PPqsWz-Seo4W89xpqhlA6XTho6gPO5FJHNdTL7aLhGQWHIKFgo_RTVIKzHZq9weBxjT8MTVeLg38S9FxM4f9fMYKcGFYYu5nAJ391qUsG2SvKnqvOGvzUF5kAxuU5yrMHTC9sBgN0R16LnW_iXD-J6i1ycWnOSRS4vahKBxHqD46m65Eqz5NtFQjalgk7QgvDb5df1_z9rOX9wZ7r_aUj0ZVtYv6JVkOiKb3AWGly9DIDYfCJY_U8q0_yLyBGw3DtA1y8u4beK3ZOAEC5RU7h0pHgYFMWoLMXKlOC71-c5XI81H1M3_mM6s4sqHmr1S-pld64i2hsFOaChi3jgr8FEK0MpQbm0lVqgLP0GarlUgv3zkgWrrq67clBdghnnOaPm35lDEJGAGpH_pWNufj_uoRcnkXPj1Pc6WlLGyUT6pXy3cIlWiIp_jhAJ1uT3JSXUEN0-CN7H8m3Jrywl_TWvN2uf1G0Bp95Ik151DvfyPexfrS2m571SIBYOH3wk7IHlfTNLQvpZ-LeO7MR_QXcV9-t1Kylvx1Lq3twzQGiNJf8HGblxHl6hhPrE8g9snA44Hr6mv-ExnbNGutfS0RRo6DFhkiCOplUQQd-EXIXUKfqJVceCOHfgEBit7z7ldui3VtnwzvHqWFr3dlGgu5Ub3iKE9DmhWEmOlvt9R2qwpyEDo99mLMRTYaK8BozPHLRx-QqP4idvabgLeoLA_2T6qRnuPXJleXcZ9TghJ9fBZFb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECgZBJB6nAD_AM4AI0EbKGE&google_cver=1&google_push=ARnp8GB1x9kCXKFAavNIrmby6JXE7BPnIdoI_i4lMKLcio5S3ibeYkm5TJzOB7iQiA2uFzFNv6FG6LlvFa3CumGDsMO-DOs1XhOa

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.megaznaika.com.ua/	1970-01-20 13:36:52	Name: __gads Value: ID=3827089484964234-22eeb90cc5cd00f2:T=1656916793:RT=1656916793:S=ALNI_MY53QxK2njzG6Dp19sr0K6C7Dk0OA
.megaznaika.com.ua/	1970-01-20 13:36:52	Name: __gpi Value: UID=0000082ac2439c96:T=1656916793:RT=1656916793:S=ALNI_MbSVaTnOttirK5uwsHxGbKK7J7wSg
.doubleclick.net/	1970-01-20 21:46:28	Name: IDE Value: AHWqTUk-yZiwRtYQCnqJ2sVEKm2nMnEN25fhNQyWi-ICKjuFJY2MMrPmhG9G1Sn0Jeg
.doubleclick.net/	1970-01-20 04:15:20	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 06:24:52	Name: d Value: EHoBCQHEJoEA
.quantserve.com/	1970-01-20 13:45:31	Name: mc Value: 62c28b3a-81a68-73266-06895
.casalemedia.com/	1970-01-20 13:00:52	Name: CMID Value: YsKLOrEn.H7DB-H9UfUEwQAA
.casalemedia.com/	1970-01-20 06:24:52	Name: CMPS Value: 2471
.casalemedia.com/	1970-01-20 06:24:52	Name: CMPRO Value: 2471
.e.dlx.addthis.com/	1970-01-20 13:45:31	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:45:31	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 04:58:28	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:58:28	Name: na_sr Value: 20220704
.dlx.addthis.com/	1970-01-20 04:15:16	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:58:28	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 13:45:31	Name: na_id Value: 2022070406395400018410562908
.addthis.com/	1970-01-20 13:45:31	Name: uid Value: 62c28b3a644ef2fe
.addthis.com/	1970-01-20 13:45:31	Name: ouid Value: 62c28b3a0001191349015eb38dd6ca5b8ebd810ff63bd7a5fc81
.casalemedia.com/	1970-01-20 06:24:52	Name: CMTS Value: 2336

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESECgZBJB6nAD_AM4AI0EbKGE&google_cver=1&google_push=ARnp8GB1x9kCXKFAavNIrmby6JXE7BPnIdoI_i4lMKLcio5S3ibeYkm5TJzOB7iQiA2uFzFNv6FG6LlvFa3CumGDsMO-DOs1XhOa Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ae
adservice.google.com
bid.g.doubleclick.net
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
imasdk.googleapis.com
megaznaika.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-aigzrn7z.c.2mdn.net
r3---sn-aigl6nek.c.2mdn.net
rtb.openx.net
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.111.215.191
104.18.18.126
172.217.18.2
172.217.18.98
173.194.76.155
185.13.5.57
185.64.190.78
2404:6800:4004:812::2003
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2001
2a00:1450:4001:803::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:4009:4f::8
2a00:1450:401f:4::7
35.227.252.103
52.199.73.68
69.173.144.165
051e047c2669c55ef50ddcc116c2182ef7bcc4cee85d2387ae779e2e295f8028
07b22178596c5c5ac3c9d568c7c86ab07960f1fb5ac0be88761eb3802df8905b
084f82a48a30e0321b7f80708ad93429917c89b2fa105efd5197a5397ba73937
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6fe39debcab225aa3ccd70f943708784e9f4f126cacc48e356d6dbdb47e659
0e0e523821b2daebe06e46364174b6bb24387892cfdc2aaaaf6b9cb5b9ecbc73
0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89
0f286a6fd0f943a2fb6b677f6cb943f5b7252ddb7866f60fe619a46cf2d2eef5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1941514d2e6b78cab30359102a29f1977d37a550cb744e58402f1ab18e4b8c99
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2661bf7b0200e2fb896e87f63eb9b3ad0deb75e9e6b41d6daee5f05c1288a427
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2eaff01fe5dbaeb65b6e754073f041cbd3f65186517a7aed1846ca92811bbd71
3e751ff6d4a77450e63be195ef880e63b68eafaa1369b1d725ba692179f578a4
43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d382ccebc6f54c688b52085ddfc8a52edca0abb982dc1a6fb3fb347180a972
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5faca302ad89600980495ffecda3c32dc6d9635adbe273672d33e7043633ceb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67a44b17a7afc324aec118ce6fc61b9cc5e6ee9769e241b3837dfd9a4eeb93d3
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
754d094dd65f0cdd09b01419446aa3b3542a63b1a598b81d26d0b2de51c7f20c
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7902144c6e1f4fc9bbbe18420a276042825b991e49f7ece7cc47ec28966d9d09
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
835edf469f45b32528e1d999068479d0b1733c1fef59ec056275643c1aeb9296
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ccdb8f3088aab4616f60254e62c992ceeb4d62e55c1b2416061f1ad7785ef45
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9ea282348ba7721a46dda4b470f183b0a7cb1134c090d979da736565a0736f01
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a35ffea85a4dcce6df2f1a9228714bfe9697bb952a0a37e1de6a6564e830c36e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7dc4ebe2135b6c6753aa8ab4663ecc848f5c4042d50490d5c6ceeb1194f5bba
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b94152da0493816a29e9a87e79f555938bc7b11840f15e14caa7a4878cbe2804
bbf67eb8656be94a16ae125b272c5a68e4d41ae3a27045435bb5fde90ce4dd31
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c923c2d4e425a32a800559d587a7c5b161404fd1617f1a86dee85c6add0579bb
d1b6261cd9258c5a946ea5d8ba24dd48441bcacf06cc0c35654300ae5b5a43ed
d263ac528b26dea0fea4a42f9143a6383b1ce2823b4d9ec26126aabfde9cd714
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d70fd41fc4185a97b37aba861add07ecbe292c81ccfa9872d3aec03fd116eaf6
d85c7fbcb1fa28636f23fd84199ea1e72ccee1f454743cd14454da24a1e260f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0e95d72bac3aa61e73bb12def05b04259bacbb34f2a38b59f18db6b9b75388
eaff7467e230f655c14f614297e945bea946fb6b45ca61b87748a37e27bf1193
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f377a72bea56583af908ba10e14df6683815bc2329741bf5da21a6f3fb2623d6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fff2ee7912e1e6c4287d1edeb49f9347a93d1893e708fc2df47915e29c4035e7

megaznaika.com.ua Open in urlscan Pro 185.13.5.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

93 %HTTPS

63 %IPv6

18 Domains

28 Subdomains

24 IPs

8 Countries

3310 kBTransfer

5626 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

megaznaika.com.ua Open in urlscan Pro
185.13.5.57 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

28
Subdomains

24
IPs

8
Countries

3310 kB
Transfer

5626 kB
Size

19
Cookies

127 HTTP transactions
4 data transactions