megaznaika.com.ua Open in urlscan Pro
185.13.5.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://megaznaika.com.ua/
Effective URL:
https://megaznaika.com.ua/
Submission: On November 25 via api (November 25th 2022, 5:11:03 am UTC) from GB — Scanned from GB

Summary HTTP 190 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 24 domains to perform 190 HTTP transactions. The main IP is 185.13.5.57, located in Ukraine and belongs to FREEHOST, UA. The main domain is megaznaika.com.ua.
TLS certificate: Issued by R3 on October 8th 2022. Valid for: 3 months.

This is the only time megaznaika.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	185.13.5.57 185.13.5.57	42331 (FREEHOST) (FREEHOST)
11	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3 19	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:400c:c38::5e	15169 (GOOGLE) (GOOGLE)
2	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4009:16::7	15169 (GOOGLE) (GOOGLE)
1 1	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
2 2	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
190	32

14 185.13.5.57 (Ukraine) 1 redirects

ASN42331 (FREEHOST, UA)
PTR: s57.freehost.com.ua

megaznaika.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.116 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400c:c38::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4009:16::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r2---sn-aigzrnss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.182.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.246.169.24 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	557 KB
42	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 94 cm.g.doubleclick.net — Cisco Umbrella Rank: 207 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294 bid.g.doubleclick.net — Cisco Umbrella Rank: 668	257 KB
22	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com csi.gstatic.com	254 KB
14	megaznaika.com.ua 1 redirects megaznaika.com.ua	246 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 52 imasdk.googleapis.com — Cisco Umbrella Rank: 421	274 KB
11	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3896	32 KB
8	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 450	7 KB
7	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 274 gcdn.2mdn.net — Cisco Umbrella Rank: 946 r2---sn-aigzrnss.c.2mdn.net — Cisco Umbrella Rank: 108165	3 MB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	236 KB
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 566	694 B
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	4 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 681	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1486	479 B
3	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 649	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 40 region1.google-analytics.com — Cisco Umbrella Rank: 2118	20 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1455	1 KB
2	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 1473	683 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 314	914 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4672	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 67	119 KB
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 587	763 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	703 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
190	24

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
25	pagead2.googlesyndication.com	megaznaika.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net megaznaika.com.ua
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net megaznaika.com.ua
14	megaznaika.com.ua	1 redirects megaznaika.com.ua
11	static.addtoany.com	megaznaika.com.ua static.addtoany.com
8	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	r2---sn-aigzrnss.c.2mdn.net	megaznaika.com.ua
4	csi.gstatic.com	imasdk.googleapis.com
4	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	image6.pubmatic.com	3 redirects
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	gcdn.2mdn.net	2 redirects
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	pixel.rubiconproject.com	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	megaznaika.com.ua www.googletagmanager.com
1	d.agkn.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
190	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.megaznaika.com.ua
www.addtoany.com

Subject Issuer	Validity	Valid
megaznaika.com.ua R3	`2022-10-08` - `2023-01-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-08` - `2023-01-17`	2 months	crt.sh

This page contains 24 frames:

Primary Page: https://megaznaika.com.ua/
Frame ID: 246AD896149999B8D28DED85594220D3
Requests: 40 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 4BBCB97AA155DF0426B8FAAD583B674E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: C7662541D9EF75347465F9BCE8580DD3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&adk=1812271804&adf=3025194257&lmt=1669351698&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmegaznaika.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056324&bpp=9&bdt=414&idt=269&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4157860921666&frm=20&pv=2&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284
Frame ID: ABEFC9609C84BE3C1146D40954FF4EA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=250&slotname=4266011121&adk=3341900069&adf=712190411&pi=t.ma~as.4266011121&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&format=302x250&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056333&bpp=2&bdt=423&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KmHMcV9B7G&p=https%3A//megaznaika.com.ua&dtd=286
Frame ID: 7C6462517D9652AE4D3C41C2F6F42DE2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=2054353094&adf=1575656066&pi=t.aa~a.1043414356~rp.4&w=1192&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=1192x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056335&bpp=1&bdt=425&idt=302&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=2&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=373&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LvFWjLusFF&p=https%3A//megaznaika.com.ua&dtd=305
Frame ID: BD6F2299A7D7E8CE262AE877F50822F0
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: E21CBE6279DD5760E1C90B3C017FB4DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8
Frame ID: D2A02EDDB984F87E14D62C32444BD88F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
Frame ID: B4AA18CC066703895CE3EF44310F4EF0
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19
Frame ID: 97796B151A31BAE96BED927B91AA6BE8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 90320B9BAC6F29FADD3DDAA94E370C88
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9696871D688726C101C455A70023C055
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1811095B01425DF0CDAAF62BB20D40D0
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 262FA05A8140151D359D16AF4E76A084
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y7YPj1wEwAQ&v=APEucNVA_cNx8uVkfwPQZGpa5tGZCasaVGq9qKb4ojJROl7AKkvVWMALLnYdJRwOBc4ySYJuAz8xcTfoWxd9nB_ctaz2TsfBqDH9cvHSI5Cz4SLIJCSaqz2-UVQYpAJjpQTcccApFX64jQFO-jBlHAPJR4GLZD-MeYHYzTt0H0vjlJ0divvR5Mk
Frame ID: 14F86A395AE496617AEC228FDA3B18ED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Frame ID: 000C96D733D4556F562BA485F47C3D72
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DDE3C5A98EBBB00CF7280BAD27B4DE0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F73984A22C9E8929DB1BB8CEACD86BA1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41F011FB6A593F2B03ACC3232F2CBF3C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F6B4DFB1ADA0600A86ECCEB52123377C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E019ED6FD4994B833D03D091415B0F1A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: E476FB696BC3CBD68DE0EEED76B97AB4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFEF6A5661B2E87208215F6370638BAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 966D63C54CA5AF6BBE1F160B0D185D7C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

МегаЗнайка - кращий сайт для допитливих дітей - МегаЗнайка

Page URL History Show full URLs

http://megaznaika.com.ua/ HTTP 301
https://megaznaika.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

89 %
HTTPS

65 %
IPv6

24
Domains

39
Subdomains

32
IPs

6
Countries

5481 kB
Transfer

8664 kB
Size

32
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/megaznaika/
Title: МегаЗнайка на Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0
Title: МегаЗнайка на YouTube

Search URL Search Domain Scan URL

URL: http://www.megaznaika.com.ua/napyshit-nam-vidhuky-komentari-propozytsiji-staty-avtorom/
Title: відгуки, коментарі, пропозиції, як стати автором

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fmegaznaika.com.ua%2F&title=%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0%20%E2%80%93%20%D0%BA%D1%80%D0%B0%D1%89%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BF%D0%B8%D1%82%D0%BB%D0%B8%D0%B2%D0%B8%D1%85%20%D0%B4%D1%96%D1%82%D0%B5%D0%B9
Title: Share

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://megaznaika.com.ua/ HTTP 301
https://megaznaika.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1&C=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4BOYmC3RebUvyiwXHMs4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHz8EmnTitG9aln76T0sILc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHz8EmnTitG9aln76T0sILc%26google_cver%3D1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzIxNTIyNTYwMzk1NjUyNQ%3D%3D

Request Chain 124

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FapubYxGJHqHB2TfarQ425tyIDzePBgVxFTzcQwKblyfMgA29fv6kf3GVlLvS_WCo_MYKebYATNnqnfcpir1QIlCHEaEMk&google_gid=CAESEJDzbk5u4WOzShvDbsu0U7o&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOKcgZwGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BU2tKM0ZhcHViWXhHSkhxSEIyVGZhclE0MjV0eUlEemVQQmdWeEZUemNRd0tibHlmTWdBMjlmdjZrZjNHVmxMdlNfV0NvX01ZS2ViWUFUTm5xbmZjcGlyMVFJbENIRWFFTWs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmhfbWp6TXB6OGpKYV9KZnhEQWFKR3lmTk0wRnRLN2ZVU1RyRkZ3c2d1NA==&google_push

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECyFuKcknROdono9IVxbvC4&google_cver=1&google_push=ASkJ3FaQ7Z-LoAcy-VN2ko0YbYIu0ZLXmmE92smMQve7TyYQBsHwiIX6exHalnrkFbkb5eHv8qPSUnpiVY3qLn6pwJHp4285KA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECyFuKcknROdono9IVxbvC4&google_cver=1&google_push=ASkJ3FaQ7Z-LoAcy-VN2ko0YbYIu0ZLXmmE92smMQve7TyYQBsHwiIX6exHalnrkFbkb5eHv8qPSUnpiVY3qLn6pwJHp4285KA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaQ7Z-LoAcy-VN2ko0YbYIu0ZLXmmE92smMQve7TyYQBsHwiIX6exHalnrkFbkb5eHv8qPSUnpiVY3qLn6pwJHp4285KA

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_lYTYRyUK3ctUmw5vOoz0&google_cver=1&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2K3eiVxpNQG5pATmCKfIEwaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKSzUtTy04N0RY&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2K3eiVxpNQG5pATmCKfIEwaA

Request Chain 128

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_cver=1&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rLCPM9Vez0o5_JQ-Ghd8YJgt8ODbhZY4P0nYWSEN3g-v9bOLyevpfwtYnkABaSws HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rLCPM9Vez0o5_JQ-Ghd8YJgt8ODbhZY4P0nYWSEN3g-v9bOLyevpfwtYnkABaSws&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rLCPM9Vez0o5_JQ-Ghd8YJgt8ODbhZY4P0nYWSEN3g-v9bOLyevpfwtYnkABaSws

Request Chain 148

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA24YJb6lNQfObD0ofY7B-E&google_cver=1&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJUMuXWq8SCEEbSVFgcV0qFnXo_XUpP5o43FDtAtRLk HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJUMuXWq8SCEEbSVFgcV0qFnXo_XUpP5o43FDtAtRLk&google_hm=STc5hCssAaZfbfaT-PGc2A

Request Chain 151

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECyFuKcknROdono9IVxbvC4&google_cver=1&google_push=ASkJ3FZ66teh_hMJ_ibqGPwowglnS2cTxkmIUQ74kwG-bsoyTDzuXwGfxtelqy-wmqnLB8OFCLcVJ5_Ii8NvzHW5w9JGORDUwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ66teh_hMJ_ibqGPwowglnS2cTxkmIUQ74kwG-bsoyTDzuXwGfxtelqy-wmqnLB8OFCLcVJ5_Ii8NvzHW5w9JGORDUwA

Request Chain 152

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_lYTYRyUK3ctUmw5vOoz0&google_cver=1&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfFrq4ugpsHONiyVUkASbaX9qA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKUDQtMUQtMklOVQ==&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfFrq4ugpsHONiyVUkASbaX9qA

Request Chain 153

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_cver=1&google_push=ASkJ3FbnjryAr3m1w4Vp1jYM8fUeAuzhiilBDn7h7wv0Plj5pVyknX3sgGWJC3JUDetGym4CdPB2byYcHe6_nyjUJWEtbN3LVtI HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FbnjryAr3m1w4Vp1jYM8fUeAuzhiilBDn7h7wv0Plj5pVyknX3sgGWJC3JUDetGym4CdPB2byYcHe6_nyjUJWEtbN3LVtI

Request Chain 157

https://gcdn.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/9C04E13EF4A4C86EECCE5CBC6D053628FBB26505.0E7E51F7D56F7B0C4531B5454D79BC9B40FF4043/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C52F18C48DB48182DA9B89D8F340D0367BD3655.6817829A888CB8EA3B9E17D2BD1CEBBB73D053D5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 168

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA24YJb6lNQfObD0ofY7B-E&google_cver=1&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnVSCnTRRiCKSJ4rbTwbzgNDzt2vVNZkY_Zkj2YZ8xG7PMQ HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnVSCnTRRiCKSJ4rbTwbzgNDzt2vVNZkY_Zkj2YZ8xG7PMQ&google_hm=STc5hCssAaZfbfaT-PGc2A

Request Chain 169

https://d.agkn.com/pixel/2175/?google_gid=CAESEP2KzKwhJDvqszbXBFzsIds&google_cver=1&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA&google_hm=Q0FFU0VQMkt6S3doSkR2cXN6YlhCRnpzSWRz

Request Chain 171

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1tHRVQeYxrspeH36Hr612_VnvkUv456eA&google_gid=CAESENjSvMUbeG3rerSmyaNWhe4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1tHRVQeYxrspeH36Hr612_VnvkUv456eA&google_gid=CAESENjSvMUbeG3rerSmyaNWhe4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjUwNTEwNTkwMDAxNDIzNDQzMzkxOA%3D%3D&google_push=ASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1tHRVQeYxrspeH36Hr612_VnvkUv456eA

Request Chain 173

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF-7vFur1Mug4nLg0cB1-Uk&google_cver=1&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6gp9p8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6gp9p8&google_hm=soVuvs_FQ8-3AjWlJVIzGw

Request Chain 179

https://gcdn.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1237B07B7296EE07679C6C4700B14A34804A2EB1.64E30D538B9C3664B578E10624B7FACAB7A37E97/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F52EEA896AC4725E19517784822B4999FBE2C21.19E7375B4F553B69080317EEB870CBA1C5DB65C5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4

190 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
megaznaika.com.ua/
Redirect Chain

http://megaznaika.com.ua/
https://megaznaika.com.ua/

130 KB
25 KB

273ms
119ms

Document
text/html

185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx / PHP/7.3.17
Resource Hash: 356ac17007d8e06fbe0f818fc1993dfc23ee6a1fe9181d948201e77d96fbca6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=3, must-revalidate
content-encoding: gzip
content-length: 25258
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 05:10:55 GMT
last-modified: Fri, 25 Nov 2022 04:48:18 GMT
server: nginx
vary: Accept-Encoding,Cookie
x-powered-by: PHP/7.3.17

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 25 Nov 2022 05:10:55 GMT
Location: https://megaznaika.com.ua/
Server: nginx

GET
H2 200 main.min.css
megaznaika.com.ua/wp-content/themes/astra/assets/css/minified/ 40 KB
10 KB 77ms
73ms Stylesheet
text/css 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.8.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:55 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 09:42:56 GMT
server: nginx
etag: W/"632596a0-9e45"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:55 GMT

GET
H2 200 style.min.css
megaznaika.com.ua/wp-includes/css/dist/block-library/ 87 KB
15 KB 125ms
121ms Stylesheet
text/css 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:55 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 20:54:18 GMT
server: nginx
etag: W/"62cddf7a-15b64"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:55 GMT

GET
H2 200 addtoany.min.css
megaznaika.com.ua/wp-content/plugins/add-to-any/ 1 KB
699 B 125ms
122ms Stylesheet
text/css 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:55 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 11:34:15 GMT
server: nginx
etag: W/"62fb80b7-5ef"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 114ms
46ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5592b1f799f3bff73a1b1d87deb4a32a820db0e2dd4a561050c7f1d27116d9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 75694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
server: cloudflare
etag: W/"c04-5ee0ab04c6251"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 76f7e17919bd75dd-LHR

GET
H2 200 jquery.min.js Show response
megaznaika.com.ua/wp-includes/js/jquery/ 87 KB
35 KB 147ms
144ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:55 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 20:51:22 GMT
server: nginx
etag: W/"61a7e04a-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
megaznaika.com.ua/wp-includes/js/jquery/ 11 KB
5 KB 148ms
146ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:55 GMT
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 20:51:22 GMT
server: nginx
etag: W/"61a7e04a-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:55 GMT

GET
H2 200 addtoany.min.js Show response
megaznaika.com.ua/wp-content/plugins/add-to-any/ 129 B
318 B 75ms
73ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 11:34:15 GMT
server: nginx
etag: W/"62fb80b7-81"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 161ms
70ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f989f09848e494ea4beac0ac6f359f0bebf6a0484e356d2ecf1ca48cbcd3930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49725
x-xss-protection: 0
server: cafe
etag: 18067958891037202572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 05:10:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 146ms
54ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45408746-1

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

917de4f4f859f91d7ebc2940e72c63fc44c959b2deaf6f2069936b39c894d973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 05:10:56 GMT

GET
H2 200 cropped-megaznaika-logo.jpeg
megaznaika.com.ua/wp-content/uploads/2021/09/ 17 KB
17 KB 76ms
74ms Image
image/jpeg 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2021/09/cropped-megaznaika-logo.jpeg
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d263ac528b26dea0fea4a42f9143a6383b1ce2823b4d9ec26126aabfde9cd714

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
last-modified: Fri, 08 Apr 2022 09:36:33 GMT
server: nginx
etag: "62500221-4206"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16902
expires: Sun, 25 Dec 2022 05:10:56 GMT

GET
H2 200 wp-emoji-release.min.js Show response
megaznaika.com.ua/wp-includes/js/ 18 KB
6 KB 77ms
75ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:13 GMT
server: nginx
etag: W/"628df239-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:56 GMT

GET
H2 200 Meha-Znayka.webp
megaznaika.com.ua/wp-content/uploads/2022/08/ 33 KB
33 KB 180ms
179ms Image
image/webp 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2022/08/Meha-Znayka.webp
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: a0156d4d5d0421d9838187bf5db14e6a3ff6026339a584af7e75321e2ae9cb43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
last-modified: Thu, 04 Aug 2022 12:57:50 GMT
server: nginx
accept-ranges: bytes
etag: "8376-5e569e5a3accf"
content-length: 33654
content-type: image/webp

GET
H2 404 letter-e1518349855751.png
megaznaika.com.ua/wp-content/uploads/2022/08/ 91 KB
91 KB 2013ms
2012ms Image
text/html 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megaznaika.com.ua/wp-content/uploads/2022/08/letter-e1518349855751.png
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx / PHP/7.3.17
Resource Hash: deb8fb8c4a377735d644968c583207134c816529b549595b61383c963a2e5b6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.17
vary: Accept-Encoding, Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://megaznaika.com.ua/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 frontend.min.js Show response
megaznaika.com.ua/wp-content/themes/astra/assets/js/minified/ 17 KB
5 KB 74ms
73ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.0
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 09:42:56 GMT
server: nginx
etag: W/"632596a0-4227"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:56 GMT

GET
H2 200 view.min.js Show response
megaznaika.com.ua/wp-includes/blocks/navigation/ 8 KB
3 KB 73ms
73ms Script
application/javascript 185.13.5.57
FREEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://megaznaika.com.ua/wp-includes/blocks/navigation/view.min.js?ver=009e29110e016c14bac4ba0ecc809fcd
Requested by: Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.13.5.57 , Ukraine, ASN42331 (FREEHOST, UA),
Reverse DNS: s57.freehost.com.ua
Software: nginx /
Resource Hash: 43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 09:09:13 GMT
server: nginx
etag: W/"628df239-208e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 25 Dec 2022 05:10:56 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 4BBC 677 B
541 B 40ms
39ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 248495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 76f7e17969da75dd-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 25 Nov 2022 05:10:56 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.9b4ec89f.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 556ms
519ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84b58bc5684e07213ce13351d3bf6b45f8fabc346f45f4a1ea17a4bbafbdd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 08:09:17 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"117a5-5ee0ab045ab91"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 76f7e1799c59752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 142ms
60ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ZM3CEQ47X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45408746-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21afbc996f589e039017dc90e88e88be8911d8e6cdb69951828a17110ebf2f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 05:10:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 135ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45408746-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6902
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 25 Nov 2022 05:15:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 167ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8900067022887938&plah=megaznaika.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119606
x-xss-protection: 0
server: cafe
etag: 3260633503096173675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 05:10:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame C766 10 KB
5 KB 143ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8900067022887938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 47651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:45 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 15:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 129ms
48ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1907207900&t=pageview&_s=1&dl=https%3A%2F%2Fmegaznaika.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0%20-%20%D0%BA%D1%80%D0%B0%D1%89%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BF%D0%B8%D1%82%D0%BB%D0%B8%D0%B2%D0%B8%D1%85%20%D0%B4%D1%96%D1%82%D0%B5%D0%B9%20-%20%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=894975888&gjid=1949248609&cid=473975479.1669353056&tid=UA-45408746-1&_gid=60307323.1669353056&_r=1&gtm=2oub90&z=1916203630

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://megaznaika.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 105ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6ZM3CEQ47X&gtm=2oeb90&_p=1907207900&cid=473975479.1669353056&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669353056&sct=1&seg=0&dl=https%3A%2F%2Fmegaznaika.com.ua%2F&dt=%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0%20-%20%D0%BA%D1%80%D0%B0%D1%89%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%B4%D0%BB%D1%8F%20%D0%B4%D0%BE%D0%BF%D0%B8%D1%82%D0%BB%D0%B8%D0%B2%D0%B8%D1%85%20%D0%B4%D1%96%D1%82%D0%B5%D0%B9%20-%20%D0%9C%D0%B5%D0%B3%D0%B0%D0%97%D0%BD%D0%B0%D0%B9%D0%BA%D0%B0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZM3CEQ47X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://megaznaika.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
703 B 159ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=megaznaika.com.ua&callback=_gfp_s_&client=ca-pub-8900067022887938&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8900067022887938&plah=megaznaika.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c2f72b1750b6008924e043a7b014f835a809574e6e130d46d50dfc53d92df34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 182ms
50ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABEF 282 KB
60 KB 943ms
860ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&adk=1812271804&adf=3025194257&lmt=1669351698&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fmegaznaika.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056324&bpp=9&bdt=414&idt=269&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4157860921666&frm=20&pv=2&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8add9739cff8c0a952a3dde98e17b4e15e6734b10e65656c59a680036c834fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 61878
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:57 GMT
expires: Fri, 25 Nov 2022 05:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7C64 87 KB
32 KB 497ms
424ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=250&slotname=4266011121&adk=3341900069&adf=712190411&pi=t.ma~as.4266011121&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&format=302x250&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056333&bpp=2&bdt=423&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KmHMcV9B7G&p=https%3A//megaznaika.com.ua&dtd=286

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d434098550e15240dc336c5933840ee8472c669b7900d17be393467b3973a592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:57 GMT
expires: Fri, 25 Nov 2022 05:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 107ms
36ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45408746-1&cid=473975479.1669353056&jid=894975888&gjid=1949248609&_gid=60307323.1669353056&_u=YEBAAUAAAAAAACAAI~&z=769431257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 05:10:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://megaznaika.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD6F 85 KB
24 KB 937ms
885ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=2054353094&adf=1575656066&pi=t.aa~a.1043414356~rp.4&w=1192&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=1192x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056335&bpp=1&bdt=425&idt=302&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=2&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=373&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LvFWjLusFF&p=https%3A//megaznaika.com.ua&dtd=305

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117655d44a7c0d01dd855f832e471771cf2810c5c2cd4cd7f0d6baed695857de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:57 GMT
expires: Fri, 25 Nov 2022 05:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 318 B
482 B 184ms
183ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:56 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"13e-5edb43f5ee978"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e69752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 viber.js Show response
static.addtoany.com/menu/svg/icons/ 1009 B
782 B 472ms
471ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/viber.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb79f192691a7328c0bc35b8fa9650495d4ac4656dbcf64d3fa8fdf15b5aeef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"3f1-5edb43f877078"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e6a752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 telegram.js Show response
static.addtoany.com/menu/svg/icons/ 360 B
508 B 468ms
467ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/telegram.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"168-5edb43f8443f8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e6b752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
524 B 471ms
471ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"17a-5edb43f5eca38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e6d752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 skype.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
953 B 475ms
475ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/skype.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5087733b23740ec5d32585ab5b04a9fd27b7b7c885663fc2242907f0a2f6654d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"51f-5edb43f80aa18"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e6e752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
527 B 475ms
474ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"189-5edb43f5e5cd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e6f752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
657 B 486ms
485ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e70752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
397 B 473ms
472ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://megaznaika.com.ua/
Origin: https://megaznaika.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
etag: W/"b6-5edb43f58ee38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 76f7e17d1e71752d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 7C64 6 KB
1 KB 138ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=250&slotname=4266011121&adk=3341900069&adf=712190411&pi=t.ma~as.4266011121&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&format=302x250&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056333&bpp=2&bdt=423&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KmHMcV9B7G&p=https%3A//megaznaika.com.ua&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 05:08:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C64 2 KB
846 B 152ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C64 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeAIzYE6AY9_PLIGw3wOqkrjwA4jav9homN_Z1JARrJzAu9oaEAEg6drNImC7hoCA0AqgAeHZzbcoyAEJqQI8HJAUhE20PqgDAcgDywSqBNsBT9AeEweRfEvwIcOX3LXfqssVKTxQfjx-w_9CS2OfCJ04bL4Fj49H3p2uKB7nDtlcS5fb7CcvK5lsq-6vE05tzxiRYtKOoGuAdudSk7o_N_LgR88FaYtzTtap0RobXpIeZQmVSoAoE5ZqOy9QmFr1uFdpgcVB8ljDKcshY6l6VVQftezCfxlv8lM-LhJQRcRRCP2PTlVbo8_nVOwQlgcx7WeEOqvAUC7gY1eXfP4SvKTu6bomriKChNfVTmtGNoIBNXz4vBo_7X29T3xQwZ9z82As_gWRUp199SjEwATSxKil9wOSBQQIBBgBkgUECAUYBKAGLoAH4ZGelwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCIrwLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItODkwMDA2NzAyMjg4NzkzOBgA&sigh=ZsiL8kcZ9UY&uach_m=[UACH]&cid=CAQSGwDq26N9fks6Dz5awwIp0K7FV6aLFZQGg7NP_RgBIBM&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=250&slotname=4266011121&adk=3341900069&adf=712190411&pi=t.ma~as.4266011121&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&format=302x250&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056333&bpp=2&bdt=423&idt=281&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=3497&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KmHMcV9B7G&p=https%3A//megaznaika.com.ua&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 7C64 23 KB
10 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C64 3 KB
1 KB 148ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 7C64 18 KB
7 KB 141ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C64 154 KB
48 KB 153ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 7C64 34 KB
14 KB 129ms
41ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 01:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 01:40:14 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/9882503552796665557/ Frame 7C64 13 KB
13 KB 177ms
82ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9882503552796665557/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1c6f4a52378e183a0d6cdf2e4f763bb814f663022cdbc50e083fa0a16d4ba88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 02:20:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 05:10:57 GMT

GET
DATA 200
OK truncated
/ Frame 7C64 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C64 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a8e5511d36d6618929926f68fc992688fb766171bc5648635d0bfeef8fbe8a3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C64 15 KB
16 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 303965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7C64 15 KB
15 KB 137ms
50ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 549013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:40:44 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame E21C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD6F 3 KB
601 B 131ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=2054353094&adf=1575656066&pi=t.aa~a.1043414356~rp.4&w=1192&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=1192x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056335&bpp=1&bdt=425&idt=302&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=2&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=373&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LvFWjLusFF&p=https%3A//megaznaika.com.ua&dtd=305

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 03:26:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BD6F 2 KB
765 B 123ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BD6F 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBbsjYE6AY9u6LIGw3wOqkrjwA8u2rJVtgunowtgQlciulrwxEAEg6drNImC7hoCA0AqgAfD5vIoDyAEGqAMByAMCqgTLAU_QkzPLR0_dY9NdEDnLagBJa9BN6BnmRqj-1TrdcwJIL39zN9L3Ay0G3Dz-0XStgd0s9UmUA6FGizZYXp7PAj8E0F9m4XtjuKz5YoI3NC0EIbIB3aul888oEfoioc9gR1az-UatBX9JbccacMDR_I_6hDLV67hNrGp7Fb_5T0OZoemsdAmOfHOnaWr18aoWtnj6EYxX5KikCvbTG7kyiktAJwjryK0Witk4R0xjPforJapPmedKo7ThxjbXh8lQa1Js19cLLfkZMuUgwATUwuGA9AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH-IXDdagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBC--gLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04OTAwMDY3MDIyODg3OTM4GAA&sigh=247Wr4CAZgk&uach_m=[UACH]&cid=CAQSGwDq26N9ggWahY0NuP6vv4e4kUkpTC2T9OJT8xgBIBM&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=2054353094&adf=1575656066&pi=t.aa~a.1043414356~rp.4&w=1192&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=1192x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353056335&bpp=1&bdt=425&idt=302&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C302x250&nras=2&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=373&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=LvFWjLusFF&p=https%3A//megaznaika.com.ua&dtd=305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 150 KB
51 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d87b278525f14c2302fdfeabf01bbeb1530239316b6923c4588a04a501a6564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52288
x-xss-protection: 0
server: cafe
etag: 5352188971004196263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame BD6F 23 KB
9 KB 97ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BD6F 3 KB
1 KB 105ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame BD6F 18 KB
7 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD6F 154 KB
47 KB 134ms
52ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame BD6F 34 KB
14 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BD6F 23 KB
24 KB 154ms
40ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQAD9NYM5H_yNuDvD3WJoD21tMydR-3bA0F2WkjGe1FYWFK-UHJ-sAqo_jMmQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3dac5f1f77c54f3b2612135d3f29d6840e6cb43fecb1c56f347fffd6bf6e631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:50:24 GMT
x-content-type-options: nosniff
age: 523233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23696
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 17:40:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 03:50:24 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BD6F 13 KB
14 KB 144ms
40ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSG3Ztv7pz0KTD-yvVKGdp4bS7QP4W1WCuTU-NDqtlZgYkRxpmH&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7befb548c06ea53681699286fb234ea6ef5c8c798247e2be98da2bd2c8aa172d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:10:08 GMT
x-content-type-options: nosniff
age: 579649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 06:44:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 12:10:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 130ms
49ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=megaznaika.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2A0 77 KB
25 KB 857ms
856ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6a4123eed2e08952c409ae4bf9e0bfa6cec0cd4b4280c40d7904ba9eb3854ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 25664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4AA 77 KB
25 KB 490ms
490ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60337682dfb0130ed0f76df1432137dd90610169b18c6f0cc2d21c39b0edfb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 25859
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9779 18 KB
10 KB 239ms
239ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f2fedd030cdda14b4d9d44935c1854f08a1a1a54bc0fae701d022fb206069c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9904
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 9032 10 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 9696 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD6F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39bf422535b0039e90b4672d01c0263b0bae25c61e86540e5859bbb28a21637a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame 9032 4 KB
636 B 53ms
52ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 03:41:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9032 205 B
229 B 40ms
40ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:09:03 GMT
x-content-type-options: nosniff
age: 114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Nov 2023 05:09:03 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9032 604 B
628 B 41ms
40ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:06:35 GMT
x-content-type-options: nosniff
age: 29062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 24 Nov 2023 21:06:35 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 9032 19 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45232
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:37:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9696 3 KB
601 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 05:10:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9696 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9696 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnWiNYE6AY-LPLIjq3gOEmYTAA8u2rJVtgunowtgQlciulrwxEAEg6drNImC7hoCA0AqgAfD5vIoDyAEGqAMByAMCqgTLAU_QFkcKc9xtM5KxaIdW_5W3CevbjPPCrijNCf_8qbZ2Gsz3mNEFBpw2DJZEKUc4g60FsN31F0gv6-XNF3VI8J_tRYYzt8juWjvK_ENjWhnhHPd4y8VYmTmh-fiZN4gc0lvobRjj_3hzRCF00NR0zmGb2ppo4eyXyCkWK5oCvUyYwwfLeBMJIgx-FyASP9bNhoW113Ybh0MBWKRVE_k93BkJRIyv2Eqq_ShfY0i6fYcIqRJB15irc6H88JlNtRec9qfawJb-dA2ZCrUMwATUwuGA9AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH-IXDdagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDCnArSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04OTAwMDY3MDIyODg3OTM4GAA&sigh=YlnVFK_D1sk&uach_m=[UACH]&cid=CAQSGwDq26N9GSKCdeaD0XJ8mgqoPWGO2tOYECNFjxgBIBM&template_id=493

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9696 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9696 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9696 18 KB
7 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9696 154 KB
47 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 9696 34 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9696 23 KB
23 KB 124ms
41ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQAD9NYM5H_yNuDvD3WJoD21tMydR-3bA0F2WkjGe1FYWFK-UHJ-sAqo_jMmQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3dac5f1f77c54f3b2612135d3f29d6840e6cb43fecb1c56f347fffd6bf6e631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:50:24 GMT
x-content-type-options: nosniff
age: 523233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23696
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 17:40:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 19 Nov 2023 03:50:24 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9696 13 KB
13 KB 121ms
40ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSG3Ztv7pz0KTD-yvVKGdp4bS7QP4W1WCuTU-NDqtlZgYkRxpmH&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7befb548c06ea53681699286fb234ea6ef5c8c798247e2be98da2bd2c8aa172d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:10:08 GMT
x-content-type-options: nosniff
age: 579649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 06:44:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 18 Nov 2023 12:10:08 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BD6F 20 KB
20 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 197889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 22:12:48 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame BD6F 21 KB
21 KB 134ms
56ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 13:44:22 GMT
x-content-type-options: nosniff
age: 573995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 13:44:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1811 8 KB
895 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 03:56:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1811 2 KB
765 B 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 1811 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1811 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1811 18 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1811 154 KB
47 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 1811 34 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
DATA 200
OK truncated
/ Frame 9696 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c93aac14b21b1744b6ed008c0f9f1a5ceecdc15cb406c169ab1766ee2e8fb440

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 262F 143 B
166 B 41ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 04:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9779 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CogO7a7xwjKP3Qt26FP8KMWzKBZcBu0rp1tmBsmcN4ylV52tBbFW_c2Xcl9hhU-lHqNXsCe_MVRYTZb1G-jUglkipXdtM_AcpPnEjZPAFKUGCTlog

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9779 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:26:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 21:26:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 9779 18 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9779 0
0 135ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8vUKaMOBXpDf6AsW_QMqCTjE6FZ1K9qhawoyvotN1pajcw2Gtwwxm7ZnS7-fQHwfdHTTxcNLtSE1yXMEW918j4yZwtQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9779 154 KB
47 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 14F8 624 B
245 B 52ms
51ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y7YPj1wEwAQ&v=APEucNVA_cNx8uVkfwPQZGpa5tGZCasaVGq9qKb4ojJROl7AKkvVWMALLnYdJRwOBc4ySYJuAz8xcTfoWxd9nB_ctaz2TsfBqDH9cvHSI5Cz4SLIJCSaqz2-UVQYpAJjpQTcccApFX64jQFO-jBlHAPJR4GLZD-MeYHYzTt0H0vjlJ0divvR5Mk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:57 GMT
expires: Fri, 25 Nov 2022 05:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9779 68 KB
32 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGhvTvALcwZ-YSNJMpC1w9FsZNS62z-n7_E1hxPHMWxF9_RKxYPfE-RlceLPdQeMwxLtBKrGUsMYG6r-spNrg4f73H-Q&cry=1&dbm_d=AKAmf-BxnhUL5uOomroKEpzO-ZPdIPsb0vtj0flx3ds9G35jqUM7oPxjgy4qMUtwDW9AH-TvuGXHlZ4cnFqknPqWIBWpqnI0C0RKyTI8QDp5Ej9dlV-E9fc9eUkpiY1OG4pvuoE07z8F5blc_Tr-GYmCIATlnp3_lI_h2OsFXyHuNuKS9CUV2mPECIbJS7A81t9IKJga7DiprlUaY7JAaKMGwXyENTtZwybaWFzbEgGXssnKJCz2G72NX4rN-pbXTNTVRMTXoWWGfM-7J-AdjoVs92Y-pbmf1GltgDFsEJq3Fc74ZSqYJzsRjIZ6oiDaTs_DR4f2AjAE6X9l27nIJVgcDFFkz2MwBWRcDPXpNqi3t0v28yv2u7MfIOCYmgMahsNwA2lzT9T3Z8WW_4U0Ja0ZnFRA6I0tfqeUroB5dG0O8GtqhnIgj3x5_vR53pKFMjiz9K8bRBHAPWrIojpU59NApdF8qgMxZacdC1LwW53HlERtH9wg_o3nnTHg73e-kIN1qgOe8XM-C_hneBOd0tx2RNKQZQ7zK2d0vlMGC2rhhC-d89fc3XkUUXQ8ULtNeVJorzovxvTt19_NPgsdp0v5ysvXPE-Pp6_Op4gULAgVQicC_WDXGvgKBft_slvGwVlhIb4PV6qJPC6jT7Nwla3GLJ07B0MKL4VPMH39EVfQkvT9iF4Rv8qK6szj8bGJEWUkw8gmKYnWVZSC-gQ0IPmg2uip4ON-za7EaznztjiOLPVI-6EHQkFiBE3JoS2p_gYdMevVnei7dk1EZ2NOHB1w4TmN8OnuCGO6WnQDNDinJiBMiSdjUIpOVujyiB3I6gKfHacOBn7jW3CZm_b0ELPLxXGpPBk9SZUADZTGXlrPM0Jlh96iY6f5HpO9Fh_IRiCXRLRH9EBJbxWN586LCfkxFz1H5Ead9uUQqyZV5xF12jaVffy_3r13zh12UJPPKAVXUafDJuI2eEUFXRcQ5kCWKODOS_wH87-Dulj8T4gpWSc4QOwFdwdio3MZlAQB9WRJR3F9VKI99RSoES6Y0rqf2DVXw35yO3YCyN0T4rvuAd4MFPQk6GMA099P2tE--Bj8FPVrr63AmuwS0nwsc0qEfT3wQkY2pbm4pHN7bSwt9Mr5hvZPqAswru61ES729HvCgl_dmiBogfeMMkAt8ucptIFrbEOJ0UzKjAkGdhcUKEsem9YGUQy4toPjl0Hss-wAFZKFUlbBSSlEoPX5UsGhgFhdEJUUoNLMbsCau7j1q9tLH0m8xO-YbPWLkXFJcvuzCBqhLCDxJfVO0IZjc2NEmhr2MPqVbqv3S1Llnmq1rwyAf2l7uItuWKIh9tRa8DARnkPF_Ed-wqVMUOaZPvyniTbK78W3_uDeyZRUoaaM65gWpKMj91gMVVyB_DxYFLNMQg02ylDDi_cmmh8hnCJGYjleaTc5LooYL4FNxT_VVHp-xROdH8Xkxc8569zhYewTiUGIibeXCGBUSOI-xShDcjCqIzE-phRyZpHZZzXWqb8kBDDZkeHVS2t101OcbmU1TWoh4XsSimjYiYk38xsANDVNRziO8TLPO3XeC9J-u6TaN4uQDsXGuTd_wB9s3y4g3lcLuMn2zHIOFvIfGGvrLqmqYKoeRzrjyNZCp-7wnLj78WRT7ZWBHLZ1Zlar48j1oXhzKhaUgwcMMo-x3Hz6eyIHngy3UJ6Hp6h8AoHKnwrbBJFl7XYN5pTX8XzMLOg8Keo4mgOBqzAVRjAuSyIQJBLrczxPHgC9niYq8xy1ujSFJjbUIJn-24H2FuuTtBelbQhmKa_UUynRZMqpeK7q-pGQF-VUqAJReOEK7sPn7BWjnNB6B3CkPUZtJL_RUEfZF8W01dSWAH38ZOrfrLkMCdRQOvxA3dphiA-69IUIyzYSNpVTwQLJBnb5ruSa4uyB79PcxJ2G7UytzYIeL14XF_vM-FtQ9BkytTFuUDpmpJY3o23cFOVHYNv_v_M2mIOncJBM6Nz0iVBwoid67G1HLhXLO93WHSo3hhOJAfmx1GddZeEw2yGf0vvT1Lxg0YOVafIsOcoiZ4Z3KyCxaSQt9RuQOuyw88sK48G55GxRyLa6MY8Qz1mpMWB4Jf4Yke56iwmdMufUGohIQ1fl3Gz1FZDBquL4-NVeTd8wf1RwfTGxo9Ca6Fq00Vzt38CqNW-PF57OBZbLfN41yDkLxrrmo72yNuNyf8jwGCzs-YyqnQ7G1hVRfUhEmcquPyqISeCv412Ux5anTe1ses5Yyx1XEfHaZneVK6a1O0I15EjpStiWgxnzF2m5fMs8S7UX47ZlDxSPFEXFWY_Qk4ygspkmfhRxsG-e4mtM-2cy5qnlotSLd2Dquc868RcEkmvZgjmcC1IbCBSW2w6xC-7SR-aJr1d8Nwp4Y9iTwWwtM_k_9B4zw4OPYFiL3WnlTvyoK0hQl9tJeTXPYAxyXD8y4hvbXt_gPlxCMLRzRcN_LeZw2is8jRraPCg_D81--t5U2vfQ6wUAs5Ycyzu4XigXTYx4o4OzDcQ-QB_rIHTA8LqRm3tnF3atkdaF74ojPeec-Pqro9rbLpEAocYtPSlfofMvfF-m_bPcaANdTj87MwPt9N5C6WTeqN1F4i0u-xBVwAI1DZqkkXOyAjEHC4RWg-So3z2qZzXXyJiz8lsHzPLOBh5rGHYM-2SGyVIA9y0R4UgL24RGQrYLth7pYhKM0UjWEQD_y22dLW5Rt9QO9uaokv74DHpq5BGdYpq1GsNd7UpTvx-XXmhqNFxyMBisl7RxDppOm7BFtxbnfdTRGOKalZEzFWXACvlXuyowgbtpIFZhaMfPb9NLYzSDM0xd6iq_VYp5xquoaRnVVZxQ6fLc0FUXAzNEohRNFV6qWPYeGuH42T6-5IcsZOjE6Qp_B3rC-z-AQWtb4zlN3YZ7Z6G1oOAqdaBwuOQWgDgBUTxrWyG9AkZcd3H_FyGsmsc756dhemKn21Tr_RytiO42RrdZabbZN8_cp4T6jFJVeG4irssaIiTC0_sL1a6olQF3D-r1wjLc5ylFn_9owjey-mmv6hJFA8iK4rjTR68novqNOyjse08tTa651NSDS9YIE0wE2AoGvL5ERKYlJsrWm_zHjjW2JZOkTZXwZxcPBpsS09kaKsvOI8VsyngiYQih-BR_cS4IWLd02x1FElPWr87mEelP_P3BKCDKXVZPCgHeDUjieZ5AZa53o1_WyRHz4C3S5L9eTxixY_hOQNpRW2FZIfBGhooS569hd-BoCoe9AEzzEwcH5dsqKPVKKxIQlgExwkvHFkOz1zcfLscDJNtN5jHv9iEmNhZUTRDXcj62YzjIrqBHyQDgNFhq0uM6y4D_6FjixCMjeA&cid=CAQSPADq26N9n6MTWuGibmW4U_R2ksxCpApVDTxeIe8_ZruJLUntUKynmaufztNSB-afDT3-yWbxWOm6bhmhHhgBIBM&rfl=1%2Chttps%253A%252F%252Fmegaznaika.com.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cf31e9dd12302355fa4ff12e8995c85a78b7b35f4d3d925ff12bed69be07b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 262F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
52ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:58 GMT
expires: Fri, 25 Nov 2022 05:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 000C 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 14F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1&C=1

43 B
766 B

40ms
39ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y7YPj1wEwAQ&v=APEucNVA_cNx8uVkfwPQZGpa5tGZCasaVGq9qKb4ojJROl7AKkvVWMALLnYdJRwOBc4ySYJuAz8xcTfoWxd9nB_ctaz2TsfBqDH9cvHSI5Cz4SLIJCSaqz2-UVQYpAJjpQTcccApFX64jQFO-jBlHAPJR4GLZD-MeYHYzTt0H0vjlJ0divvR5Mk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 14F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4BOYmC3RebUvyiwXHMs4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y7YPj1wEwAQ&v=APEucNVA_cNx8uVkfwPQZGpa5tGZCasaVGq9qKb4ojJROl7AKkvVWMALLnYdJRwOBc4ySYJuAz8xcTfoWxd9nB_ctaz2TsfBqDH9cvHSI5Cz4SLIJCSaqz2-UVQYpAJjpQTcccApFX64jQFO-jBlHAPJR4GLZD-MeYHYzTt0H0vjlJ0divvR5Mk
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMaQNdKDOyZTI1DN_UB0iBk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 14F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHz8EmnTitG9aln76T0sILc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHz8EmnTitG9aln76T0sILc%26google_cver%3D1

43 B
1 KB

56ms
35ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHz8EmnTitG9aln76T0sILc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIaBahCjyH4Y7YPj1wEwAQ&v=APEucNVA_cNx8uVkfwPQZGpa5tGZCasaVGq9qKb4ojJROl7AKkvVWMALLnYdJRwOBc4ySYJuAz8xcTfoWxd9nB_ctaz2TsfBqDH9cvHSI5Cz4SLIJCSaqz2-UVQYpAJjpQTcccApFX64jQFO-jBlHAPJR4GLZD-MeYHYzTt0H0vjlJ0divvR5Mk

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
AN-X-Request-Uuid: b7c718df-64dc-422a-ae1b-f1d40250da67
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
AN-X-Request-Uuid: b41e3f3c-feeb-4a36-a5d0-8b88376ea1d1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHz8EmnTitG9aln76T0sILc%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 14F8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzIxNTIyNTYwMzk1NjUyNQ%3D%3D

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzIxNTIyNTYwMzk1NjUyNQ%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
AN-X-Request-Uuid: 21391845-cb01-4f93-8e34-6df41f5228f9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE2MzIxNTIyNTYwMzk1NjUyNQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 9779 29 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGhvTvALcwZ-YSNJMpC1w9FsZNS62z-n7_E1hxPHMWxF9_RKxYPfE-RlceLPdQeMwxLtBKrGUsMYG6r-spNrg4f73H-Q&cry=1&dbm_d=AKAmf-BxnhUL5uOomroKEpzO-ZPdIPsb0vtj0flx3ds9G35jqUM7oPxjgy4qMUtwDW9AH-TvuGXHlZ4cnFqknPqWIBWpqnI0C0RKyTI8QDp5Ej9dlV-E9fc9eUkpiY1OG4pvuoE07z8F5blc_Tr-GYmCIATlnp3_lI_h2OsFXyHuNuKS9CUV2mPECIbJS7A81t9IKJga7DiprlUaY7JAaKMGwXyENTtZwybaWFzbEgGXssnKJCz2G72NX4rN-pbXTNTVRMTXoWWGfM-7J-AdjoVs92Y-pbmf1GltgDFsEJq3Fc74ZSqYJzsRjIZ6oiDaTs_DR4f2AjAE6X9l27nIJVgcDFFkz2MwBWRcDPXpNqi3t0v28yv2u7MfIOCYmgMahsNwA2lzT9T3Z8WW_4U0Ja0ZnFRA6I0tfqeUroB5dG0O8GtqhnIgj3x5_vR53pKFMjiz9K8bRBHAPWrIojpU59NApdF8qgMxZacdC1LwW53HlERtH9wg_o3nnTHg73e-kIN1qgOe8XM-C_hneBOd0tx2RNKQZQ7zK2d0vlMGC2rhhC-d89fc3XkUUXQ8ULtNeVJorzovxvTt19_NPgsdp0v5ysvXPE-Pp6_Op4gULAgVQicC_WDXGvgKBft_slvGwVlhIb4PV6qJPC6jT7Nwla3GLJ07B0MKL4VPMH39EVfQkvT9iF4Rv8qK6szj8bGJEWUkw8gmKYnWVZSC-gQ0IPmg2uip4ON-za7EaznztjiOLPVI-6EHQkFiBE3JoS2p_gYdMevVnei7dk1EZ2NOHB1w4TmN8OnuCGO6WnQDNDinJiBMiSdjUIpOVujyiB3I6gKfHacOBn7jW3CZm_b0ELPLxXGpPBk9SZUADZTGXlrPM0Jlh96iY6f5HpO9Fh_IRiCXRLRH9EBJbxWN586LCfkxFz1H5Ead9uUQqyZV5xF12jaVffy_3r13zh12UJPPKAVXUafDJuI2eEUFXRcQ5kCWKODOS_wH87-Dulj8T4gpWSc4QOwFdwdio3MZlAQB9WRJR3F9VKI99RSoES6Y0rqf2DVXw35yO3YCyN0T4rvuAd4MFPQk6GMA099P2tE--Bj8FPVrr63AmuwS0nwsc0qEfT3wQkY2pbm4pHN7bSwt9Mr5hvZPqAswru61ES729HvCgl_dmiBogfeMMkAt8ucptIFrbEOJ0UzKjAkGdhcUKEsem9YGUQy4toPjl0Hss-wAFZKFUlbBSSlEoPX5UsGhgFhdEJUUoNLMbsCau7j1q9tLH0m8xO-YbPWLkXFJcvuzCBqhLCDxJfVO0IZjc2NEmhr2MPqVbqv3S1Llnmq1rwyAf2l7uItuWKIh9tRa8DARnkPF_Ed-wqVMUOaZPvyniTbK78W3_uDeyZRUoaaM65gWpKMj91gMVVyB_DxYFLNMQg02ylDDi_cmmh8hnCJGYjleaTc5LooYL4FNxT_VVHp-xROdH8Xkxc8569zhYewTiUGIibeXCGBUSOI-xShDcjCqIzE-phRyZpHZZzXWqb8kBDDZkeHVS2t101OcbmU1TWoh4XsSimjYiYk38xsANDVNRziO8TLPO3XeC9J-u6TaN4uQDsXGuTd_wB9s3y4g3lcLuMn2zHIOFvIfGGvrLqmqYKoeRzrjyNZCp-7wnLj78WRT7ZWBHLZ1Zlar48j1oXhzKhaUgwcMMo-x3Hz6eyIHngy3UJ6Hp6h8AoHKnwrbBJFl7XYN5pTX8XzMLOg8Keo4mgOBqzAVRjAuSyIQJBLrczxPHgC9niYq8xy1ujSFJjbUIJn-24H2FuuTtBelbQhmKa_UUynRZMqpeK7q-pGQF-VUqAJReOEK7sPn7BWjnNB6B3CkPUZtJL_RUEfZF8W01dSWAH38ZOrfrLkMCdRQOvxA3dphiA-69IUIyzYSNpVTwQLJBnb5ruSa4uyB79PcxJ2G7UytzYIeL14XF_vM-FtQ9BkytTFuUDpmpJY3o23cFOVHYNv_v_M2mIOncJBM6Nz0iVBwoid67G1HLhXLO93WHSo3hhOJAfmx1GddZeEw2yGf0vvT1Lxg0YOVafIsOcoiZ4Z3KyCxaSQt9RuQOuyw88sK48G55GxRyLa6MY8Qz1mpMWB4Jf4Yke56iwmdMufUGohIQ1fl3Gz1FZDBquL4-NVeTd8wf1RwfTGxo9Ca6Fq00Vzt38CqNW-PF57OBZbLfN41yDkLxrrmo72yNuNyf8jwGCzs-YyqnQ7G1hVRfUhEmcquPyqISeCv412Ux5anTe1ses5Yyx1XEfHaZneVK6a1O0I15EjpStiWgxnzF2m5fMs8S7UX47ZlDxSPFEXFWY_Qk4ygspkmfhRxsG-e4mtM-2cy5qnlotSLd2Dquc868RcEkmvZgjmcC1IbCBSW2w6xC-7SR-aJr1d8Nwp4Y9iTwWwtM_k_9B4zw4OPYFiL3WnlTvyoK0hQl9tJeTXPYAxyXD8y4hvbXt_gPlxCMLRzRcN_LeZw2is8jRraPCg_D81--t5U2vfQ6wUAs5Ycyzu4XigXTYx4o4OzDcQ-QB_rIHTA8LqRm3tnF3atkdaF74ojPeec-Pqro9rbLpEAocYtPSlfofMvfF-m_bPcaANdTj87MwPt9N5C6WTeqN1F4i0u-xBVwAI1DZqkkXOyAjEHC4RWg-So3z2qZzXXyJiz8lsHzPLOBh5rGHYM-2SGyVIA9y0R4UgL24RGQrYLth7pYhKM0UjWEQD_y22dLW5Rt9QO9uaokv74DHpq5BGdYpq1GsNd7UpTvx-XXmhqNFxyMBisl7RxDppOm7BFtxbnfdTRGOKalZEzFWXACvlXuyowgbtpIFZhaMfPb9NLYzSDM0xd6iq_VYp5xquoaRnVVZxQ6fLc0FUXAzNEohRNFV6qWPYeGuH42T6-5IcsZOjE6Qp_B3rC-z-AQWtb4zlN3YZ7Z6G1oOAqdaBwuOQWgDgBUTxrWyG9AkZcd3H_FyGsmsc756dhemKn21Tr_RytiO42RrdZabbZN8_cp4T6jFJVeG4irssaIiTC0_sL1a6olQF3D-r1wjLc5ylFn_9owjey-mmv6hJFA8iK4rjTR68novqNOyjse08tTa651NSDS9YIE0wE2AoGvL5ERKYlJsrWm_zHjjW2JZOkTZXwZxcPBpsS09kaKsvOI8VsyngiYQih-BR_cS4IWLd02x1FElPWr87mEelP_P3BKCDKXVZPCgHeDUjieZ5AZa53o1_WyRHz4C3S5L9eTxixY_hOQNpRW2FZIfBGhooS569hd-BoCoe9AEzzEwcH5dsqKPVKKxIQlgExwkvHFkOz1zcfLscDJNtN5jHv9iEmNhZUTRDXcj62YzjIrqBHyQDgNFhq0uM6y4D_6FjixCMjeA&cid=CAQSPADq26N9n6MTWuGibmW4U_R2ksxCpApVDTxeIe8_ZruJLUntUKynmaufztNSB-afDT3-yWbxWOm6bhmhHhgBIBM&rfl=1%2Chttps%253A%252F%252Fmegaznaika.com.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 9779 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:20 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9779 0
0 201ms
88ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGkvEbPzYYc23k1sLc13AimzKG58yLYBeFplf9ITq9b4vBAE5I9V5Lgy89YaSO-ZrQlK9aqPIu9BOjtSfl9-nDnCzu-gxfGrAAJliMjwT0J_A-JBd_PDT_3UYCMkQRP2CU_VnUmGqr3nLdbyNxkwAhB52z_sTq8XvpO7hWEMvMia_6FgmKTvw3gPJo5m0G22Tx3qgLLIthMTzB_m597OMJcN1JWYBAC8oR3zvY9U0n63p04FSC73_phF8PvHh8vMX1Nylc0Xxf8ywEsafgwvHP8l4zxOoXFJIcP214hMCkD0Qn9JqUDLRptJ3fmVYSTowUiD0zwzQUHnOZEAVCkfILEP7qPjc82ASJ__GFlGykfGm5IL7CPOOdKBgzSV5YsC9Z0j6lcQnrwQwU50yK-kUD8sFG6oQEueJlcs4BueDdr8i-lZRq6PBCH77SglIUSefe6JHzhP4d6vwLXVj0nPzPoGFZjWYgtv--tXgXR2xw-6SeFyaAd09YRikHdMhdb-GDO98aV3Ng_-bBV5qhY1GFJti5XkUoq00-VQFzycL4aS2OAdGafA3MCVA_So0R0qNApt9DRi0M6aqU-dNdZeP4BkZWA1XGfWPt6HFPiCXp0MvXiNEbTJfJJT-kIzFGI9BIA2GzUhP8BE_W1j1DOsYOUl4amex248EZkU9OBLO4prmWH8Q2aJ8kCTZzsQofmEVmraJTZ5zH21du63HEUp8jN4cDCdDryFOyhZcDIolAhPcpC-4o5S2fWiS4nO64jQjQ5Oawz-Vg3VdqinFMNsYTRndBVTuFRSk4DcRPYq-l1dpnMXEfKG38_UrcGccDW8i7-3KDq9JFThttlGImdtQ6xiCcd7v9pldcPhAweuFjjkugc6yfhCRlLuluA8YUgrnJq64Nhwzo8eeCRmqmPyMsrrJS0jmvD5BM0dQHM1CuM2XjqabvZe_hcliwXrtF-vUv-yvLuVg6vYPakQrtGPPt-XrlDbabz-bsXAa80XxGljqF1CJNpqOlhwS8FdXobnt3crZy7mczhdqE-pUiilztYq1GLeD-XN7924T0_OdB1MZOt-yei_KtNgyFowsGeZLQL6kGZ_Mj_5hBrIyhUnfK5o_c6PcPUu2dd6ba92F890esESOuezVIQD-zu6zPK8pvssluFXO1aMlAzUhe1nBxNBdR_H46M8q9LfwMDTbfIEuCG0FYnSyaQC9KGMfHvd_tFBQ4tK6sQJS5r9L6PTCij7dYZfeOtW2dsSI&sai=AMfl-YRBE61CxGZpr1ESQtVuFRXOUEtFlXn79XoxcmS3h3kan-ySRvb8m44d-4-PiQEozz8PMAIC2951LhMm8Tfe1fuoiuJv1BDUQ-BrG1MLN3UufcJruLL0wl0LJBr5F89_dBfTYgj0Lm282QOuat6cJFO7uL5XJsAPaosWJqCm5Vz7EAtYhnuBo4c7cVKMI28CNrtcnojrxhOHWIdd0FdfiAjAEMVw0PsnX8oteQY8k_p61M2iY6NX-7xKlf3N7DhMAabR25FvR-C3JQ&sig=Cg0ArKJSzOAt4jjwnc24EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.79174&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 05:10:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9779 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 12:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:06:40 GMT

GET
H2 200 4695370464444840413
s0.2mdn.net/simgad/ Frame 9779 70 KB
70 KB 147ms
42ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4695370464444840413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8c0c74d24ffe7e8605ef7eaaeaf02c72db68cb8d3f18cf24b48ac6fdc979f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 17:58:02 GMT
x-content-type-options: nosniff
age: 40376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71411
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 14:49:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 17:58:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DDE 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Fri, 25 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F739 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 579857
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 12:06:41 GMT
expires: Sat, 18 Nov 2023 12:06:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9779 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e5b3d87cbcd7aa69aa739bb9ca030f510168331815b4746a1d3bf4a783ba58a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B4AA 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B4AA 8 KB
716 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 03:48:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:58 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame B4AA 14 KB
3 KB 156ms
40ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:14 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame B4AA 388 KB
131 KB 157ms
42ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B4AA 18 KB
7 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B4AA 0
0 134ms
51ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfm4ElHfibOZLRrBSuewvd--lEmbg12gVcZAc0Yv93jz-Yx-Y4Adzc-e7htQEFtBwvYX10KlcV_fpzbSzHnUsXJ4ZRyg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0DDE 35 B
463 B 133ms
42ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA24YJb6lNQfObD0ofY7B-E&google_cver=1&google_push=ASkJ3Fbt6K7ArqXs-snaYXdJibYjaUaEfJer_TFT2bWeS82mmz-MwstchQbyvU9Pq9mOKyy1X7gxkGAFXUgAIWIhD3RuOxhvkE0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DDE
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FapubYxGJHqHB2TfarQ425tyIDzePBgVxFTzcQwKblyfMgA29fv6kf3GVlLvS_WCo_MYKebYATNnqnfcpir1QIlCHEaEMk&google_gid=CAESEJDzbk5u4WOzShvDbsu0U7o&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOKcgZwGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BU2tKM0ZhcHViWXhHSkhxSEIyVGZhclE0MjV0eUlEemVQQmdWeEZUemNRd0tibHlmTWdBMjlmdjZrZjNHVmxMdlNfV0NvX01ZS2ViWUFUTm5xbmZjcG...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmhfbWp6TXB6OGpKYV9KZnhEQWFKR3lmTk0wRnRLN2ZVU1RyRkZ3c2d1NA==&google_push

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmhfbWp6TXB6OGpKYV9KZnhEQWFKR3lmTk0wRnRLN2ZVU1RyRkZ3c2d1NA==&google_push

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 25 Nov 2022 05:10:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSmhfbWp6TXB6OGpKYV9KZnhEQWFKR3lmTk0wRnRLN2ZVU1RyRkZ3c2d1NA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0DDE 43 B
351 B 98ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE8qsZYRTpQ33CIO9U2eDqQ&google_cver=1&google_push=ASkJ3FYUcCGxmlx1yFIBNxPujTGw8d7SC_VF9pyvBBjxyDoMH5RnAudKk6zbcYsZX_6-jZzEnDOxaT2_0n2kAHAveyQ80Tt5NxE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=60&adk=2570090068&adf=3847253172&pi=t.aa~a.1495044458~rp.4&w=302&fwrn=4&fwrnh=100&lmt=1669351698&rafmt=1&to=qs&pwprc=9164332977&format=302x60&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057672&bpp=1&bdt=1762&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280%2C827x280&nras=5&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=175&ady=1283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=zYTxaQi6P5&p=https%3A//megaznaika.com.ua&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jdfestvqm1asbdej9u85ip5fbchq40kd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DDE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

60ms
59ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaQ7Z-LoAcy-VN2ko0YbYIu0ZLXmmE92smMQve7TyYQBsHwiIX6exHalnrkFbkb5eHv8qPSUnpiVY3qLn6pwJHp4285KA

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaQ7Z-LoAcy-VN2ko0YbYIu0ZLXmmE92smMQve7TyYQBsHwiIX6exHalnrkFbkb5eHv8qPSUnpiVY3qLn6pwJHp4285KA
date: Fri, 25 Nov 2022 05:10:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DDE
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_lYTYRyUK3ctUmw5vOoz0&google_cver=1&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKSzUtTy04N0RY&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2K3eiVxpNQG5pATmCKfIEwaA

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKSzUtTy04N0RY&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2K3eiVxpNQG5pATmCKfIEwaA

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKSzUtTy04N0RY&google_push=ASkJ3Fa6CAZw-tJEhdf7t_3ecLPdbncqpLTENirIqGdH9xE3hG6Z1zBNV9gBNaMbq-Ew11d37p2K3eiVxpNQG5pATmCKfIEwaA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DDE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rL...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rLCPM9Vez0o5_JQ-Ghd8YJgt8ODbhZY4P0nYWSEN3g-v9bOLyevpfwtYnkABaSws

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCSZwLHQJgaVAXXnnCXAEjE3laHTorm3SASAQpJCQJl4jTOWqerVfJANagKRUAhV5ARcLZJ6yMvqwg5bLBcuB1t518cEpT0axwi2NA0JEE9FjueqOyDdJOydLPt25G9XWOHOR9NEHRhpXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FZDa4mKU13rtHDyDaEX50Bw3m-Y8Y4rLCPM9Vez0o5_JQ-Ghd8YJgt8ODbhZY4P0nYWSEN3g-v9bOLyevpfwtYnkABaSws
cache-control: no-cache
cf-ray: 76f7e186fbf054b1-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 0DDE 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DDE 0
12 B 133ms
49ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYvqp9k8cYT0EZdEjukx4KyMMbYkRu28Q6UISXTlPwrm2iMSsC4HwMO83BA3CBg4rREpDOYg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame F739 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9779 0
0 164ms
79ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGkvEbPzYYc23k1sLc13AimzKG58yLYBeFplf9ITq9b4vBAE5I9V5Lgy89YaSO-ZrQlK9aqPIu9BOjtSfl9-nDnCzu-gxfGrAAJliMjwT0J_A-JBd_PDT_3UYCMkQRP2CU_VnUmGqr3nLdbyNxkwAhB52z_sTq8XvpO7hWEMvMia_6FgmKTvw3gPJo5m0G22Tx3qgLLIthMTzB_m597OMJcN1JWYBAC8oR3zvY9U0n63p04FSC73_phF8PvHh8vMX1Nylc0Xxf8ywEsafgwvHP8l4zxOoXFJIcP214hMCkD0Qn9JqUDLRptJ3fmVYSTowUiD0zwzQUHnOZEAVCkfILEP7qPjc82ASJ__GFlGykfGm5IL7CPOOdKBgzSV5YsC9Z0j6lcQnrwQwU50yK-kUD8sFG6oQEueJlcs4BueDdr8i-lZRq6PBCH77SglIUSefe6JHzhP4d6vwLXVj0nPzPoGFZjWYgtv--tXgXR2xw-6SeFyaAd09YRikHdMhdb-GDO98aV3Ng_-bBV5qhY1GFJti5XkUoq00-VQFzycL4aS2OAdGafA3MCVA_So0R0qNApt9DRi0M6aqU-dNdZeP4BkZWA1XGfWPt6HFPiCXp0MvXiNEbTJfJJT-kIzFGI9BIA2GzUhP8BE_W1j1DOsYOUl4amex248EZkU9OBLO4prmWH8Q2aJ8kCTZzsQofmEVmraJTZ5zH21du63HEUp8jN4cDCdDryFOyhZcDIolAhPcpC-4o5S2fWiS4nO64jQjQ5Oawz-Vg3VdqinFMNsYTRndBVTuFRSk4DcRPYq-l1dpnMXEfKG38_UrcGccDW8i7-3KDq9JFThttlGImdtQ6xiCcd7v9pldcPhAweuFjjkugc6yfhCRlLuluA8YUgrnJq64Nhwzo8eeCRmqmPyMsrrJS0jmvD5BM0dQHM1CuM2XjqabvZe_hcliwXrtF-vUv-yvLuVg6vYPakQrtGPPt-XrlDbabz-bsXAa80XxGljqF1CJNpqOlhwS8FdXobnt3crZy7mczhdqE-pUiilztYq1GLeD-XN7924T0_OdB1MZOt-yei_KtNgyFowsGeZLQL6kGZ_Mj_5hBrIyhUnfK5o_c6PcPUu2dd6ba92F890esESOuezVIQD-zu6zPK8pvssluFXO1aMlAzUhe1nBxNBdR_H46M8q9LfwMDTbfIEuCG0FYnSyaQC9KGMfHvd_tFBQ4tK6sQJS5r9L6PTCij7dYZfeOtW2dsSI&sai=AMfl-YRBE61CxGZpr1ESQtVuFRXOUEtFlXn79XoxcmS3h3kan-ySRvb8m44d-4-PiQEozz8PMAIC2951LhMm8Tfe1fuoiuJv1BDUQ-BrG1MLN3UufcJruLL0wl0LJBr5F89_dBfTYgj0Lm282QOuat6cJFO7uL5XJsAPaosWJqCm5Vz7EAtYhnuBo4c7cVKMI28CNrtcnojrxhOHWIdd0FdfiAjAEMVw0PsnX8oteQY8k_p61M2iY6NX-7xKlf3N7DhMAabR25FvR-C3JQ&sig=Cg0ArKJSzOAt4jjwnc24EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&vt=11&dtpt=228&dett=2&cstd=0&cisv=r20221110.79174&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 05:10:58 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F739 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWkzTYU6AY8DGO-PF7_UP6-SfuA8AAAAAOAHgBAI&bg=!i4iliMzNAAbvMpMzzzI7ACkAdvg8WnQCi4fn6XzrZ93wBoM-sedem-sQ5WrUWBfD0LEqg1RwPIJXEQIAAAB3UgAAAAJoAQcKALPklQrpbPRiuLxwxcOXRlo5GY9hMKdTloHp96dSX_seAKLyTpwJyJ1mgzvF2MmsiuKwvRExw-qAlSXLywsHWp_7pxrpr9L0AGQ53RK56HGu0QMFFWPpO0WIEt-r3po88SfO1C1LDjhvo689X5Sz9HcJvlPfMH6sZiC6JP6a3jkwEpLf0CDcuPEa-vklES71ODyLeTVhL41TGGewnpjyMiykGoE0J-DIb0xyQ6mnZ_jPjghzfpkCyShEvzTMOSZ66oM9ztF6X2fWSnhhuQGYR9SaIj7nQ1wb8z2PXKEDG9AxTPYYhtT37POcA-G9ADLp8gRjTzTC8Fcl-bESfemwf3etMqUwTZM0n6bj3AJ_tCxiIk4vbGSIQK8kDS8TAiZbPxX3Z6iHG-PZFPDGkOCZyHKaNslhE-hRVApsksM6_2U76IU7ZF8xx6ZICNhw0m8I-nkP6KihArpi4o50of0U-wiswXKeUVxZ7vLm01Ek5goJdY4U82YvyTb6htq6pkVE3nY2peSNFjOp943UmLPvVfJDaBY29MHSPzRQ9zJcergj0YftiYmVG964dB9KQVeYFOf0DVX-VSadXewAr3nijfvsK8KfFCrsNRs1dvp7zdpzJZFoHDCd28jcKrBxf2qwL9tg9xkBg9Uk2Es-QW5oLLTK678StU7mfueG4RHOe--1D5YBtUQ-xuM2TfCvfH7XDnGe9xH-4VTyTWHQj27cHxWijQjcXxo6uH3ZzwIxf062V_glQGKck92oGuzOtkLWGlkbWPVsLE68xEq8vaAiU2VktJ6XvYu4hf8bLuwyQ72GGh4EnKNTjNVcaMGs7NWth6qG7mL8bKJo5XGvSvVNQ2DnHkNHEzKooGvs3CH18tGRiCNJgUbTbu__80jcGMmQiDWuKsR2TTRcLWdn43FPn-UykzouUI77BbvYRFidr4Zj9sJs86fzRvRfrCvzZ-qGHp--tGWdhhYmsggBFCfQ01BY8f-KkEI8maSniG0mCOHyEuqcaBBuT55Bxr2vfIOL768UyFPxS52lCYG15hY6Ao6rZ8RSAIQ_F8yE9EjbbjD_l7wdxdckdTQLyniuLlo0Si85eROqj19661lPlwL_yqj1VBUBO-q82iffdIdyQypXg0OypdOKcGCSp7MFKW2IeeEMikomT63xRyqK6pQkT14n7spFUszHnks9udALycf1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame B4AA 0
327 B 363ms
123ms Ping
image/gif 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~law1pjly&c=8033825835273&slotId=4016912917636.5&qqid=CMPWiODIyPsCFVf4dwodD7ACiw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4AA 9 KB
9 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 293668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 19:36:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B4AA 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 34123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4AA 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CfsP7YU6AY4OiKtfw3wOP4IrYCJe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMByAObBKoE7QFP0DPA6cmTrzl2BTwC0i5peD5_WF4Ud0yb74T-BBgLny49ldsXCNrZcolT6Ud9CIk4PdsWU1PhCM3G4-tjRogmBM9zr9OlkGDslTI8l4O164l8OGVDEDXHfAp35eJsj1XQqwSX-SxcSaC_AGS5CoRHm3YmEOLEAQ7DhI_VhQtpdSiFP7hRBEg2EwPHriL8oSLoWLgYQRvjD8OQNsUcMxJST94nL5_-gf3s5bVP5gzgu6hhSzhoYwkYD11cvRW0tGXyvBK6vXGswDlfsRxsbBLMPdhadFuezM4GK590LgfEcRQj7vSkXwCL-ckEn-jABPzFtv2WBOAEA5AGAaAGdoAHu6TZyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE7SqoxHIE93zxeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1669353058451&ai=CfsP7YU6AY4OiKtfw3wOP4IrYCJe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMByAObBKoE7QFP0DPA6cmTrzl2BTwC0i5peD5_WF4Ud0yb74T-BBgLny49ldsXCNrZcolT6Ud9CIk4PdsWU1PhCM3G4-tjRogmBM9zr9OlkGDslTI8l4O164l8OGVDEDXHfAp35eJsj1XQqwSX-SxcSaC_AGS5CoRHm3YmEOLEAQ7DhI_VhQtpdSiFP7hRBEg2EwPHriL8oSLoWLgYQRvjD8OQNsUcMxJST94nL5_-gf3s5bVP5gzgu6hhSzhoYwkYD11cvRW0tGXyvBK6vXGswDlfsRxsbBLMPdhadFuezM4GK590LgfEcRQj7vSkXwCL-ckEn-jABPzFtv2WBOAEA5AGAaAGdoAHu6TZyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE7SqoxHIE93zxeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame B4AA 30 KB
16 KB 158ms
73ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CIJD6OxdKDAfCuz2tTHGvEI1jifUMPvhu-TNy9EU9GRLk9BAB7OPvInSMMoHZrGZTZT4zR_8n2hztN1a6RaPfQdESlLw&cry=1&dbm_d=AKAmf-BDGNZ8y_3wCDVG-Kb9lGlH_RvJ6LpIbnkUMCcd652udl3Ue-pxFS3hPOT9cTq9v8tw_vd8OTJJVWCsrzjmKJoYwagiaN6dIVc8h77kr_41AGnNIs6zVGYjPImgMV_e88dkcCIXHZEFybM68zM7dJCalpSPbZDzV2xansYocutxint82JeweWgGfHtAm_YaRWgxayC8aPM_VKpwpjlexHknl--T8LuG_WHxEvsiH1Jzd_jlSZkeZMY8JuOAodeAvGDFmb8gTyPQSTF_TxXYvoBaod6mWvBImBfs0x2qGarVi02x04_UzgOaGD-sIF5APX26VcE6z0hAadSNUQjAeonN98DPJtIlGoLTr69PuJnuUHBX8_Hk_rA4vmhMlYonoSzSlKjKmwgh3xOSbKX0KE01hPNZHmTUjYjAHmkAnaFmwLI6zy2doWMxuw2SWgBnU_ge9cNQsC0mA07bEVOl0-bMzL46_vv4_rB1HxmozDHIh77DKjohe9YMCZHGbfPoVj-ET-Up956NExoujOSl5jAqshJ1nbyhUQiBOP7DbhkDXKvoTAEdUDnI9eaRJjZKCar_CKm6zm5XlnFXqHbDrbg8JVVwPu3GVIaw5XTtBa0tBKEjFGIuy24UcSPcbrph8DRKwPLJIRCEQBuJdbenKbA0AlklTzVBRfPfPZOOKFMt3s5a1MCwtbERaHg_KUiXGPXCToQXo3M83vkBdxK_2zlxvjtDUPEgBbUzCZLdBpzDZjdrqj-IH_wSk9QWk72sgzh72kxIk-L6fBXvXCPWuwQfti20sY07ZFff3cYsO7ox2NQz8CTGkvLCbV_2mBQtZbagz1haiyx_FNB_PqmLMaleoLkhDjekXY39VIeIItPt1tToxRXB3Xg7JCjUB94GOgASxfi8KMR6KRnPGTmMH86AFAbKF6ndSr25xmr2xU-SrrJfcrAvFeFNDIRhWHIYlNfDQFeGCDYk66IVh7NlTeAeowRWbVBBhWmsycC4By4ZcO3yGxtCn2SwhlqbWE_jyrlV70nzM9fgj-AXC8AIQb6q8jBnSfYtjSAMCg3Iy55au4QP0kk0tzlvyG1M9H6SUOtzmctsT2vLpZw5ZZi0ByvxwmmQSeftDvvVBoRmqfwiCbyaMNeZI7HRpP_hR1q7b2gUmiemisoHdrBerIyDmyIo_qY6Wxpy9mUZqorQ1ySXBjBxb-Iv3mVB7P2AlHYk2fjk9mHfq9B4s8uuMOM-QLtj2gIQTfHXSaGdObmEMMNjzrdu16HsaCDfHFEsiLun1_EA1XgGQzaoyBwVcbcRikF24OZv27kl3FqifGCoqLGolvX9EpgthWQc-_n_jHXfMfWA1F21qrHpvP7HWyy99hGw-60tgO8RCfo1604WCebLl6imgRY42fEBR7zZm_uard_Pbtm2kXwFPt8x-kDhvUMa9eAeZ3JXfFcQbR2HoptriMhe-ycmPflc1Tm8pQ-uuPa8-B-5aTugrbNHaVEI2grn_a6Njat2JfgNTWM_VOmmL2QdQmox6vsQxcJDKLN__VGuN_LTL5dI4akh3dk4kMnTIlPA4vfrDiUqT34EFBMBiYyjXCQgnX_GPqMbYKtyKFejsQVyrpEs431BCMTJZuQujWAYvP-VIgsy9luWGGYmWh5w7TBVoIYNq73AfLE-S5IgdWHLV-YAv139L6NLj_M3ZPlIIOlW-AM_qyz0UQos08E3b-fFm6QIIfnS_bA5KZss0vs1Xzi7fLP8XsDEuX5vYMYP0uiPIuQtopvB8vg1F2vA-6ObpX_44tizlg46dPB40IXxmaFdu1j-a2NzVcC-t-5XClteaIVn2GBMTmqp4Oe_wHdj5UwVQjcM3xDBUewosj_9QH1gPr7W2WKuIOBBrZ5aAurlr6zmZtvMdA2YO2u5y-lohTnbwuxzmD3JVX2xUDQ9MMtcVRlAjTX1nnPUUgfOcbuNQdjQaxF9RhJ3laLD645o_URBZbciJAeLXKjW_9GKQCxQH2O7hFt8e88FyGKeQ-ocb4jUZs_yOlNkcprHBYmhcMZIQCBHkM9UvIkpRY_WwagvTlzbnp8JE3ycy40SVipohSDHhAE5OTuHy1IR-VGPmq13SQTSPLR35eYoV9orvaiZpQYE42xxrqV2IMaZ3QafsAoAypilO_fW9cwTQz1WFVpCydijZKrqVSxE-sjR6qDlGID57RDQoDH77-5aeHpaKzeJZ7aPCOTkvmmXrdPIO4MMN1E4R1tDmUPqIdOOWDnPfGAftSjA8gnAIGLBtD0YcRqtOHgDh4gy4XdRE05s-UKDA_XRJAS4cvRozbUe60e60ZNjN9hB7FH3bJZ9rAYGdEoEronRVDuPPmZ6irsYl53rYDQvOgEibYEeesEUAdkLPueuoC3s_1jX02iANd7ohDzyIGA6FvGqQ3XIU9eX6gZdZHGvN5NyPnUZ6RwsII90Oy3UdeoGVGFnvC1BtmiaGYAuUUzcS2URST_5vjq4tsKizESItkYoYcsOwIo57cPiRuOY1ESaFgkjk8Qgd2tyHG7LgICbPrPpQA1F0rjRY3TQiEQitP5NBseFoPvGd5-gv_8kygTj-mo8ln4DaN4AjMzhS2Erg1bizkjuM7555bSzZicSAQ1JxvHHe7Cf0K-JzdwZOzZccd2wqFMzPPYLURp5SQluMPqCZajq8KwkgFvwt_rU7NEVGmm4d64SUWXcxUAvidvXXmc28stCvCm7cI_dogkgVrz6mDwKddqQOcm1Fi8uNXr2tG8cJoJZRvrG-7fRbvxCBgcmVeGvr5v7YjMze0Mwj0NpjGK_CikrUDDtJY5fO4gfsdkST1God9aIE2d_y9FeDJKXyYOh1vYSTeG9yF_h1045CDL0G0j3Wo7OQC30BsFlgBAkmoHMpxbb-RgoCEHon-e7zWaMtIk9keOVbjznDtORmolps5rbpri8WdO4Rcr9G4Fz5jFCrc1mbiv0KHy7_pET4yzF8qlDDxiy91lylalqdvqSdT_7exLJdKKSEqK2k8v9dBEmAhplHqybl-6W25Ij4Dq1RVDV13F9VX1B2kR67FoaTptx0ciGJF2s6x8ZrF2rMwN5v7wjpJY1a6drasPg_TgiUQ8TUXQRLAPVPZH-iDb8tXDZDrXG1BipZliKLQqenVh51HVdZ11VUUD5rT0bQm2sJAsG2fD_6kd7Ucw6lpkB_FGapciy-p4wHgpMQc_b39ThMCtmvUaYVWHNMxN5Eio9MjkwQEnr6V9F5Mr1pTwieqhHN2zbMCE6vXp136uO4l6M2dditPYvKjoe3xZK40D_Os2hNRMcQEbtR4_f-U1pRhUokDwj0YWl16pn27_W6fwibugR9Vn7kNXKVoaFcyB0TXpkqcWa8jMw_LtewFgzxGMK-Yf1SrUzRkAgxYVOlOljmGq0QU8_67564mpYIP0f_bugsvbqf2AmRaTBlrz-pegRBtE6t-J6gtopyy9eCbQAqZCWqpN84q54yiuVqBjqp-m3cWdk9AbzSaB9OW4lKaKKMeXJgrQbmmNN9Eit2dzWYmQTNUDsOi2lfq63RPeCDDeHn6qekrzvDpTeKHpB5UMnxgW1ISpqznE0wN5__STc_sYR7I18_fG8Uk6PPS37RbrcN0j6ms6zwet0XGY6PUNZv2gdGvULZsKk5vINLFTlLHPiddW7ndvHQsPifY8f-0sDma1jK3-TrmaCZockqbV33Cv1ISRySqahEpWz8X9AOjI3O8pErwiKfuN1Q-zTDhtSIawGjy2JVEkvAa8-mu5NZIi1DTiw2FMOsEvU_bIMUZhlxISPq52H-92er5np3jQQQ2AuKXIl087m_3GqzXiQ_JWxZiGiytV5u5kwupEG&cid=CAQSPADq26N9ie9ytItxcagnY-8ItY1co5IT6AP5Wd6RQqbDRJvDFWNbjG7dFH9fVWtqW3NKpWxi9kRmtTgYyxgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

247a016cd7eb271ea01fa481bef03bce10d9a37dd4c661f0bcb34cde421861a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16150
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4AA 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyiHhYU6AY4OiKtfw3wOP4IrYCJe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMBqgTqAU_QM8DpyZOvOXYFPALSLml4Pn9YXhR3TJvvhP4EGAufLj2V2xcI2tlyiVPpR30IiTg92xZTU-EIzcbj62NGiCYEz3Ov06WQYOyVMjyXg7XriXw4ZUMQNcd8Cnfl4myPVdCrBJf5LFxJoL8AZLkKhEebdiYQ4sQBDsOEj9WFC2l1KIU_uFEESDYTA8euIvyhIuhYuBhBG-MPw5A2xRwzElJP3icvn_6B_ezltU_mDOC78GDRzfvxT4qX6aHuhEnV1m-Fliemuz_d8-SiPGboG-UlcPzxYhpzXy8Fh_7BjNm7pbTH2LzFgW6qWMAE_MW2_ZYE4AQDiAXOl57HRpIFCwgiEAEYAUjultwBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe7pNnIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEP2EDximoLPaAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBO0qqMRyBPd88XhA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04OTAwMDY3MDIyODg3OTM4GAA&sigh=m-I2Bkb8X-I&uach_m=[UACH]&cid=CAQSPADq26N9ie9ytItxcagnY-8ItY1co5IT6AP5Wd6RQqbDRJvDFWNbjG7dFH9fVWtqW3NKpWxi9kRmtTgYyxgBIBM&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 41F0 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Fri, 25 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B4AA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe312441a08b62cb2d34cdaedecd3e0016e23e0aecd37ac3f8f3b9d85057e0a7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D2A0 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:29:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D2A0 8 KB
716 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 05:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 03:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Nov 2022 05:10:58 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame D2A0 14 KB
3 KB 121ms
40ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:14 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame D2A0 388 KB
131 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame D2A0 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 10:41:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D2A0 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnnOaF86eQCR1qV4DOXe6ngAPwbOKAjXS7pgwXFN8Wz1wmv9FlmFiO6rMVjZ0Ilc_ph06GHdynRtb8qNpgckil4Q_7_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F0
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA24YJb6lNQfObD0ofY7B-E&google_cver=1&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJ...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJUMuXWq8SCEEbSVFgcV0qFnXo_XUpP5o43FDtAtRLk&google_hm=STc5hCssAaZfb...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJUMuXWq8SCEEbSVFgcV0qFnXo_XUpP5o43FDtAtRLk&google_hm=STc5hCssAaZfbfaT-PGc2A

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZmgInxsFwPAe3Or84cR00lq9M4hi4_Wzbz7haHSPiQCN9FlbljIJUMuXWq8SCEEbSVFgcV0qFnXo_XUpP5o43FDtAtRLk&google_hm=STc5hCssAaZfbfaT-PGc2A
pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 41F0 42 B
60 B 38ms
36ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3Fbrl5O229-W4RAdVA9bmkOVsVUa5w3DMj55yvRY2ScEWEZobC0w-Ufeh97vwjrz2E9wtMt6apjbl8J_4esJx9Zfmg-5ZJg&google_gid=CAESEJDzbk5u4WOzShvDbsu0U7o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 41F0 43 B
64 B 63ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE8qsZYRTpQ33CIO9U2eDqQ&google_cver=1&google_push=ASkJ3FaL-ATTgwodDm8EBk-f9y5amXD69V_uavJX7Kx-TuwSYmvOgt758eMLkDigSw2VxKGFRRnEMeCXnqwRUFmR_g86QoKqFNI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:57 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 6iasjt0d0770o0kq9e3ac2iugopucvab

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ66teh_hMJ_ibqGPwowglnS2cTxkmIUQ74kwG-bsoyTDzuXwGfxtelqy-wmqnLB8OFCLcVJ5_Ii8NvzHW5w9JGORDUwA

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6iSkFev5S2-R_KgzSz_tww%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ66teh_hMJ_ibqGPwowglnS2cTxkmIUQ74kwG-bsoyTDzuXwGfxtelqy-wmqnLB8OFCLcVJ5_Ii8NvzHW5w9JGORDUwA
date: Fri, 25 Nov 2022 05:10:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP_lYTYRyUK3ctUmw5vOoz0&google_cver=1&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKUDQtMUQtMklOVQ==&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfFrq4ugpsHONiyVUkASbaX9qA

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKUDQtMUQtMklOVQ==&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfFrq4ugpsHONiyVUkASbaX9qA

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFXMVBKUDQtMUQtMklOVQ==&google_push=ASkJ3Fa0pORFXgHdvMe1udUNlSxCrF-qflrACD9rpbfAG5oDZYHRU5v58vQG6W8jRsmC5nktJfFrq4ugpsHONiyVUkASbaX9qA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 41F0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FbnjryAr3m1w4Vp1jYM8fUeAuzhiilBD...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FbnjryAr3m1w4Vp1jYM8fUeAuzhiilBDn7h7wv0Plj5pVyknX3sgGWJC3JUDetGym4CdPB2byYcHe6_nyjUJWEtbN3LVtI

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCdxAeIczMagBthwRrGskMKC5q4BxqX%2Bj2i6WBDzdd17paVU4WHvS1MaQJcOvQU7SnVrlwDSepxpjGFcsmc90fBtikA9IUKfCat0rqghXdYCTSbETFJsNXpjU%2Fx4f1UAaSpUUqsIswUcng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC4_Z7z7N01Dd1PoCqgEdz0&google_hm=Y4BOYmC3RebUvyiwXHMs4wAAFBEAAAAB&google_nid=index&google_push=ASkJ3FbnjryAr3m1w4Vp1jYM8fUeAuzhiilBDn7h7wv0Plj5pVyknX3sgGWJC3JUDetGym4CdPB2byYcHe6_nyjUJWEtbN3LVtI
cache-control: no-cache
cf-ray: 76f7e187ec9154b1-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 41F0 43 B
296 B 281ms
43ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF-7vFur1Mug4nLg0cB1-Uk&google_cver=1&google_push=ASkJ3FaodQhvBg20WLILRiexMpD57OJ_EZbzQmDAfU3FcGMIj85xx4O96_dalKvnr6pzjYNkA0nSPlPyv_nrBMEpTNOJDU4Jcxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=1583115137&pi=t.aa~a.572225079~i.15~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=0&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280%2C827x280&nras=4&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=2375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=XzRacV9Uxf&p=https%3A//megaznaika.com.ua&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 41F0 0
12 B 50ms
49ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9ZdhjzoPLYFSeNzVOXDjq2JFkEQ6Z0h2wcLzwbSp6XNiUa9IdHohxHzehlqqD5dSaTybS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame B4AA 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:17 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame B4AA
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

168ms
29ms

Fetch
video/mp4

2a00:1450:4009:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C52F18C48DB48182DA9B89D8F340D0367BD3655.6817829A888CB8EA3B9E17D2BD1CEBBB73D053D5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: megaznaika.com.ua
URL: https://megaznaika.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4009:16::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 25 Nov 2022 05:10:58 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1745046
Last-Modified: Mon, 21 Nov 2022 15:38:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 25 Nov 2022 05:10:58 GMT

Redirect headers

date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C52F18C48DB48182DA9B89D8F340D0367BD3655.6817829A888CB8EA3B9E17D2BD1CEBBB73D053D5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F6B4 23 KB
9 KB 40ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 500920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 10:02:18 GMT
expires: Sun, 19 Nov 2023 10:02:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame D2A0 0
54 B 122ms
122ms Ping
image/gif 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~law1pju9&c=8186440365927&slotId=4093220182963.5&qqid=CIWeiODIyPsCFZPWdwod5CMJ3g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D2A0 9 KB
9 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 293668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 19:36:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D2A0 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 34123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 19:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2A0 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CX3ToYU6AY8XpKZOt3wPkx6TwDZe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMByAObBKoE7QFP0NCxnUFmTtyue1TxldlA1QRx1tLZncNWqhS2KcYkF1Us4cdg55adNbhBjm_dfLEdXIo1p05o4Kto3P-1os6LJv3-8YiyS7K5eBfI57-erZJ3dO-YkF31k3jFS3YTVYESgEmSNUJs_X6eTEzl505RFa2INPl0U9U_mDBGv76C5NQr1N0TqD7_Cq6we7OS6Zzi20YTqZBkZcqII07bOoWjAmpxSKhHuP9vBvNBAwirJknZ1zXkYAGptpOC22-n5dkU2JZftPOSixgCD9Tdq7rKZrUlie9reHUZR_mwGb6WWss2LON9UI8EuG_u8FrABPzFtv2WBOAEA5AGAaAGdoAHu6TZyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE7SqoxHIE93zxeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1669353058756&ai=CX3ToYU6AY8XpKZOt3wPkx6TwDZe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMByAObBKoE7QFP0NCxnUFmTtyue1TxldlA1QRx1tLZncNWqhS2KcYkF1Us4cdg55adNbhBjm_dfLEdXIo1p05o4Kto3P-1os6LJv3-8YiyS7K5eBfI57-erZJ3dO-YkF31k3jFS3YTVYESgEmSNUJs_X6eTEzl505RFa2INPl0U9U_mDBGv76C5NQr1N0TqD7_Cq6we7OS6Zzi20YTqZBkZcqII07bOoWjAmpxSKhHuP9vBvNBAwirJknZ1zXkYAGptpOC22-n5dkU2JZftPOSixgCD9Tdq7rKZrUlie9reHUZR_mwGb6WWss2LON9UI8EuG_u8FrABPzFtv2WBOAEA5AGAaAGdoAHu6TZyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE7SqoxHIE93zxeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D2A0 30 KB
16 KB 141ms
72ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AP9rXOSAGs5CZaVf3yJ08iVpBjro0onvtoZVggogAWWm_jmGavzqHuD4BdPsHwQg1ooXMZpgBC0b48BBXABIO5FDinbQ&cry=1&dbm_d=AKAmf-AfZuMUVZITWFgO87QC6ozYhN1iRPzMmCNsJhobHoW0-Tvw-HcHSPBMYfpl3cgJTIEv1rVmT7h8mZfORsTmkQFHzPLpWk_9XwTOZP2CdU909zBeRPI3ReSRCM_RPJfv7KQbBxq9WGDQH9zuZ3UENle44-YhZ7LfzlV5im-JWzDqGBSl9GOIQLoWHTsAZxgfhjWvrmH8JJlfKLtAKuyGMGDekMNwBQRBPbG5iNnEDzTAjs0ViIIt6TvdRO3Tq1WEGhqQXDJggabaeJInDYJJt-mmo9ID485b_c43dFu5VUktVG5R40dk38QpDTiLH2CjYArKiKTAXhTY9mzcFAgh6HfkW21a7gbjlH2Pfi84yxOq9OMPsyCy0F2C-o0FH8t10icAlHc7k4N2bNe22R-RPnVWfo2a1loylXQbtimZVXfObme49G_-3Mc5ZG5q7KMMwiub35Ls4koujlqUBxNYaD3wqHfQkzxztCCneJxbTdMngvF_-QnV9UDkP8fhLIVY5Bkt4iOxmiSU50wAdP2Cg5gFdelKbn5xvPrUjUOepLfTbdZJg0u-Qx3b3NfSYIBKqTjJ1iIDXk025bz2xfpHsQ_aKIGhkUNdpgKNuGRtVVo6pwXQ-Yc82M_RRoKOkyeW4Hu4LYaZMiBH1kV7H8MRw__XIECG_niP6RSH5tBNAdVS2gxffpod5kcJEi3G5f5jsCtZd-Eid9H37_XPs84Z8hdxG0skjU1SgPogF33qAf0jpJsLbfGOvj-KYoInpecY5XJLGJF_sBYFXlQssVDMkATxQbX3WevdJ4wLwJQgsuGcS1PTfRKgOoQF0BlZL_FYEHllBrveHHmB7cIzJbqzYw0jLDRXRnEHxXzgY6BorgzIo9uga2qO9UrSGpnJFkU-nlu4MPrBsB4l8rf4sz_vsxWOFyJN634vKn3Tc8InJVrdLEngIpcyZHGgsBxbMQaxNFbC8rujs9xQwjqt1GRbXJWV9CRKM797WRZkOOl907222KuIGxIdOt3tKb37NJLLCULGgTtmWGFA_VpEfPrA0FwSv9MnP8bzoHLYlGui8HSqOuh-HePKlJTNs2Byp-8abXPtDPTq7PWwsYqUXhTZwsE68VwdXuy39KpAR-Ej669hAD67JUbmzuug53ikmMhl4m2MV4dtLvsO1o7b6txIB7JGGsF1wfMGKyxAyAJr9S4uV_exd2ReOE-R4EHmgsAzWEB-_GBFkx4ZLbCQDIYy3u40jIqipPPvNLfKTxnNhYb6yJvzRIsoJHvGWrY6EywuozsuLcsRO0IozORYrWc3rSYkm3FEQs4rdAadJQxp4u85RZjOacyhiE937g64Nr-YUynA3lLSBBKtK_pL16X0CA1x2btUvDS5brzVb25qzYh72RdMH8lXzcQpNmk4vrNYkWUsmeFTMWexh_MmHJfU7OQp9RGlCB5Y_dI0YuZNZICNJpR5lbxZ6Edo0V1rxct9nYy2B9wa1NbAgpuMjq4bboTATxTOWRA0mP31C2YKPmz2OIjeYcORDkh5so7nNT2DvXsxR3LRbO6n056zl9_P7hTss99_6bodNOn--qx4kv8FTD7_bhlMaNq7AnUgLleVCI43D3x7svALFzSIVC--cWWkHSdR1NYbs6KQ1lDNY_Yv0JzEIZIFyeFrosZJyrPEZTxhMLRpTSvKOUqcNWMEJdX1d8BmQwzLfnR7QCBOfOhzq3wgJI_cQvRczDBuOeWdsmsElV4AMZKLpcseUSsriLJKLScDtcJ8kYgB8JLQ-dDqyT6CDO1b1FTqDH87DTionNBWRyBDpPbHzRY2XRYJ4cXISaQ1JsgxKWWkxO3N6fCYbSB7pt2S37J7sC80HCuja5BPPhEjCcU8v4fFTZcXYBI2P8XRmVFGYk2q-WkPSV0sA5sk_awX42u4313BUoYOfd8S890vxUCXa-sYrXPsuEfiP8zM2gYMFlYrbqa8TPn5fravrcRgsfASmUFp3x-Jvh9s17qEvgJJ3eNPtMyGCxFbCVnOV43PjSJKifYsHZaaRocfVWiIOZ-YR9QGh2A-shHYo-E4csU7VQSu8dY4pTSNnhbbSkWbB425nGs71tzCqAGoi4eMfqywG1Fu8SxdRc7_QLDWhPdMG-Bn0SIE7WC2H2YTwmje1CbmDvEQPo9F5Ns34fS3xTq3ExzUvQo_BdmS00A5sHszo61HCM26gNFErHF4wWlnkNrbTXIS6XlIp1Wv7YPcJLWSMBVR4UElAmcLULFdrzS8DFRiKjx_kVpNyzLCX4tHchOWU6itoyt1tcWN6ASGJgjn8FLo2H1BFfpXwuUygcm3h2yKjGX1S3Ot15Mph1ANX45gyVpiOObBuS3jqz5aWZFfCMCj1SLU9RfRrgdYaiO8YDgCOFyIBrUZnCJSXpxk5mzrKs6nEg_fVyjxQTejNhnGEEnwV7fGAEtpcCIitWJ9a5debfwGZdmhDaSIXdMITnOzRua14PwUZdTUVbYD_j_fIcbSNL-UuWaD4cpckF1pUsjqocgpEia-NMsQiOPpVtDVurvIEvSAO0uysfERWLld_G8T1TXRac32wJXg5d6d7sAkP3XJHdHVl9rCId0jibDrBVPZpgvjSuYmU6VGXLMWFWEu_Gry_NxhPaL_MaotmC1vu2jkjfv9D-j0lM0-vTN7iV002AZ2SfD67ZxtQsuo401YJkY91XwMcd4YTiigVq05xXUAVXSJqehsVFevDDJ2OP6DXk7KSJT49yv9L14sWCkAUsjO7PHf_ckAeJTrDcgoWosdqQsYbo2I0lXfujwdlV_hjkBqF6swA1VeCAo89pgTJlPAgF6GBe1JxRZPk7l1Cy0W2Z63wa0yAv5fPrZDNr9B0P841kJLkFgwAWoom6rE0CySmMPw07QMVSwhPfhDADIXq9tvdDbNf7mHPWL1FK52vYPD4uhUqcEG2UF4AnPuqBHOf96Wwm2m1Mfu99EkhlpZe6imiid60BVksjpdHxfTsweA2iDohD9GYkas46LtwsJOc68P5_wljhu--Bmq4lSnCtn3aQ5sTg8BftdLMRsoIk1KTz3SieHceeFKRjYMy0eckHnI76V5FcCJqknBVkBTnIFCd2V9GteJiqkuIicJp9tKTzfEyEXUKNtKPMpl2dVirrPahuVL-PZC71Q9dfTtvkG8_JmBenG5NWElGAO674aEgqqKDiHs7kq5GFBjwqHkkRiPO2pbAXWk7s4ees0-k-bzKxkbCQVaabxkmhLvWVZFBBexXTnbqTqbYoap4EJB63e2p17kkoa4UR4CjYUk1OIHsaqolgXR1CjcZyWGFzWbSkmewg3PaotnEMxGP2bzf93QIX0h0zh0VjuDf071HnmQ5jP1Rkj1cTB9X5ytwN2H8gwpi0PXjSnNYclVAznBhYqo-8GxUXupkZrDhu6JFHA4ZzuITvQpYjK3WTKeTJ67S_X7Dphkdp7T44la3pBanps1KmNoOwrzwlKsMeLe2MmpKzM8iYrwBZr3wa6hTEc0KcOQjepLWN4H5gbancDpOXOEj9qXGGdizx99jE9B4iBCNVp2y-wrZNi4agx0ksq6yT9R3nlwynIMLfAUow8R95ccyV5N6icgIzqvup6wiqGihUQSlNhEYLO3UHliEfezyeF-hWwHUB4ZY9KR4fpjnOBMnhSGS6eL5kpPAp6HzAR5qTM58OPTZwqF7nQqOOGou2Fn_2ungkpEjSMLAFJrZcWk6rnQ5c6rg7LEG1Zq6T7CjeokENz_YBwgQU5Kpl7zOSmZBfBHptTPvQrklmbdOxIYANrLGV8oJ9pvEY2AVmY9-tE12GzHK2-cpDJRkvq7MPZzSvpthJLEGR3Q2Sj1Tpb2Tk_i&cid=CAQSPADq26N95a-FdIu4c_kDVc6GwBbZ4lWMuZjF8iQrc64EYmiLGaJX5anMRBRsartsFPg_XYEJPMnypOUPxRgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

af836a761446b204f09d05b44a84b9546742c8f0096de686e8b0059310f4a308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16214
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D2A0 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6pbwYU6AY8XpKZOt3wPkx6TwDZe3zc5tyoexyO0QsJHli7IwEAEg6drNImC7hoCA0AqgAa3bprcCyAEFqAMBqgTqAU_Q0LGdQWZO3K57VPGV2UDVBHHW0tmdw1aqFLYpxiQXVSzhx2Dnlp01uEGOb918sR1cijWnTmjgq2jc_7Wizosm_f7xiLJLsrl4F8jnv56tknd075iQXfWTeMVLdhNVgRKASZI1Qmz9fp5MTOXnTlEVrYg0-XRT1T-YMEa_voLk1CvU3ROoPv8KrrB7s5LpnOLbRhOpkGRlyogjTts6haMCanFIqEe4_28G80EDCKsmEdhNwHfyRzsuJ3-I_lqEaonhEsKvOQGW0rkc9Ncvs-N-HYMM1u_H5DBp4Tr2NYuQeqEFz2XKDuHr_sAE_MW2_ZYE4AQDiAXOl57HRpIFCwgiEAEYAUjultwBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe7pNnIAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEN3SDhimoLPaAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBO0qqMRyBPd88XhA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04OTAwMDY3MDIyODg3OTM4GAA&sigh=EnVpXMsdbws&uach_m=[UACH]&cid=CAQSPADq26N95a-FdIu4c_kDVc6GwBbZ4lWMuZjF8iQrc64EYmiLGaJX5anMRBRsartsFPg_XYEJPMnypOUPxRgBIBM&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E019 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 66412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 10:44:06 GMT
etag: 48472445140208031
expires: Fri, 25 Nov 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D2A0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1442a354d89a5c3e0a0e5be8deffd8e14a01dc79335194f628be852cc8b4b6f2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame F6B4 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 16:29:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E019
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA24YJb6lNQfObD0ofY7B-E&google_cver=1&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnV...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnVSCnTRRiCKSJ4rbTwbzgNDzt2vVNZkY_Zkj2YZ8xG7PMQ&google_hm=STc5hCssAa...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnVSCnTRRiCKSJ4rbTwbzgNDzt2vVNZkY_Zkj2YZ8xG7PMQ&google_hm=STc5hCssAaZfbfaT-PGc2A

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZZk03Wv-Lf6a1AusrYLT5RLf4IHL4p2fJjaGj7mjsff0R1_mVLnVSCnTRRiCKSJ4rbTwbzgNDzt2vVNZkY_Zkj2YZ8xG7PMQ&google_hm=STc5hCssAaZfbfaT-PGc2A
pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E019
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEP2KzKwhJDvqszbXBFzsIds&google_cver=1&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA&google_hm=Q0FFU0VQMkt6S3doSkR...

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA&google_hm=Q0FFU0VQMkt6S3doSkR2cXN6YlhCRnpzSWRz

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Nov 2022 05:10:58 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FaCKCkX1-FM_KcH4KtPn1vYGQ6LUciT3EbsiGlV6KsQKvQi5wXghDlpsJocVqjC3qxAcGsy_3GIYnm7GDB54uo3OFtSMIViSA&google_hm=Q0FFU0VQMkt6S3doSkR2cXN6YlhCRnpzSWRz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 466606.gif
id.rlcdn.com/ Frame E019 42 B
60 B 39ms
36ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FbSKo5o4phceOd2Ij9IJCHR000StIDon7T7L5F3uFbwuaqzbn_63RSckvk-kvQSkUUI693tsGg4YNMqlN2G7B_Px8qempGOqw&google_gid=CAESEJDzbk5u4WOzShvDbsu0U7o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E019
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZbcpw_...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZbcpw_...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjUwNTEwNTkwMDAxNDIzNDQzMzkxOA%3D%3D&google_push=ASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1...

170 B
188 B

51ms
51ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjUwNTEwNTkwMDAxNDIzNDQzMzkxOA%3D%3D&google_push=ASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1tHRVQeYxrspeH36Hr612_VnvkUv456eA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjUwNTEwNTkwMDAxNDIzNDQzMzkxOA%3D%3D&google_push=ASkJ3FZbcpw_dnhy83X3dWL89k8cYZgcAyj64JgOXx0TnWAuDr1sxPvC41ZatjrvLiRSq1tHRVQeYxrspeH36Hr612_VnvkUv456eA
pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 25 Nov 2022 05:10:59 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame E019 43 B
64 B 34ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE8qsZYRTpQ33CIO9U2eDqQ&google_cver=1&google_push=ASkJ3FYWFtFLAZVKIdqTG1F48_Vx2GzqE2XxVLUxSVjOZQYPVKW5v5J-u_mcAe9j2IEidf5ULEVqRtT0OXk6YiT4Yy61bagA14Vlxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:57 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: avfkj632qpfeqlfip8696i5vjil5nps8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E019
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEF-7vFur1Mug4nLg0cB1-Uk&google_cver=1&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6gp9p8&google_hm=soVuvs_FQ8-3AjWl...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6gp9p8&google_hm=soVuvs_FQ8-3AjWlJVIzGw

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FYDAXHGU0tYHgFFnNQ2nPMcH__X5A2lkesYHltvyvRqjWRNDAbt5s3GmggndeoYSV_K86cJv5Ki1GknYn6UyE1kg_6gp9p8&google_hm=soVuvs_FQ8-3AjWlJVIzGw
pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame E019 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E019 0
12 B 50ms
48ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWyR0LBD52bxuxURkcDhr1HgtGni3TTghvcK2EyuxvgtR7nJ6aRrGZPBPTGc3YQAl32bhq8g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8900067022887938&output=html&h=280&adk=1778563731&adf=3301984422&pi=t.aa~a.572225079~i.13~rp.4&w=827&fwrn=4&fwrnh=100&lmt=1669351698&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9164332977&ad_type=text_image&format=827x280&url=https%3A%2F%2Fmegaznaika.com.ua%2F&fwr=0&pra=3&rh=200&rw=826&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669353057636&bpp=1&bdt=1726&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df286ea03e338d2f1-22a195e88dd7005d%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ&gpic=UID%3D00000b86c09229de%3AT%3D1669353056%3ART%3D1669353056%3AS%3DALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw&prev_fmts=0x0%2C302x250%2C1192x280&nras=3&correlator=4157860921666&frm=20&pv=1&ga_vid=473975479.1669353056&ga_sid=1669353057&ga_hid=1907207900&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=598&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770880%2C31070950&oid=2&psts=AMjMPc0CKbG2gBRnRjz6vxzdkNfW0jKO03_WfEnTYV9394owRy9iWHJQ7aKH47MP6o93ctxBNSwdnyWXtswgPvUxVg&pvsid=3180693011408720&tmod=256419586&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=6LHdG0KAv8&p=https%3A//megaznaika.com.ua&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 143ms
61ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24cb8670cef76efee9d6858e1212093101908886d84abb7d34b5e4987a9afadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11261
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD6F 42 B
64 B 145ms
76ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWejkls12PYVJSNw9PT719325ID5LoJOM2mZ_wdNRsdKPg8IkwrHu5wDuMg5WqqlXItqEGQgYtXhU8FV6RjHa1SssfKZ194tSAEdM-CT_ViyRsLgkDI3YMYjVkullA73A2he-2gA&sai=AMfl-YRJgeRd7RPTET3sBU4QUFvw5Ms3CKi23sZ5aYssnBlds99rnxSm-dG6pUTglpVBeg2Qkp6ODT4y37OnI6g&sig=Cg0ArKJSzBO7EohclfTHEAE&cid=CAQSGwDq26N9ggWahY0NuP6vv4e4kUkpTC2T9OJT8xgBIBM&id=lidar2&mcvt=1013&p=0,0,280,1192&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2054353094&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669353056641&rpt=1187&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D2A0 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:02:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 10:02:17 GMT

HEAD
H3

200

https://gcdn.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

33ms
33ms

Fetch
video/mp4

2a00:1450:4009:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F52EEA896AC4725E19517784822B4999FBE2C21.19E7375B4F553B69080317EEB870CBA1C5DB65C5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

Server

2a00:1450:4009:16::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1745046
last-modified: Mon, 21 Nov 2022 15:38:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Fri, 25 Nov 2022 05:10:59 GMT

Redirect headers

date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F52EEA896AC4725E19517784822B4999FBE2C21.19E7375B4F553B69080317EEB870CBA1C5DB65C5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6B4 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9QDrYk6AY4mkI-iSmLAPnvy56AgAAAAAOAHgBAI&bg=!aWqlai7NAAbvMpMzzzI7ACkAdvg8Wty5yHo8hcyW-TJ9d4oBKc6yTfEMP3x-7xMPZHGn6mHmZK8CJQIAAABRUgAAAAJoAQcKACaqsnhv4UUFOAEU4bFGG1qG_Bzmw4SvqeJXXNGZtvClQwKfMBoewZkCz4XXyqnJ3-hORkK8ASRYWX0zXCxpH3kbtVXMZ8ShhYxx-E_uSgHE4Kddq7z655hDcIy1uNppiCskge4wBASZZxIRGqslR3s39dQOQvcf0WSg1CpRMdJw18rHE29CiU_DDV9chDQpdWJ5FgPrDCXWuTxiHAjq1DnGOb2L7wbJCzf3B_nJ4IpxMHTc-Ioa1ukZovQc8fHw7D-WhJuQBTceXgMbHG-gsdA_TNMCQWAKFzKocQ-uFifawS8PDCVf0_le0_x2ejOV21pIRZHlkp8GX5Du5CKOOVel3vCAt7MPL6AFso8oHWRV4x89keQ5CwkKSy-am2O6ipqMGV-PuxoLUC3Zom0tRYVEimMRjKa2fWIByhyb1MOYYUFC_4YshJhNgdYId8U4KI76pak9TIJ518YabpBT0tQn-YCCLAV1dffcc3jrbHdGkePnn9bzOupRYQoknRpwvAhl2yTDmtP9kq187Lg3C0QBAj7HW0ndpNqX4dy5pOopzaL39qeR7eluUmkhPGeIOoaH2PhroQ09C1O-KoBHWE_VZM5bZOOhPb6P800p72UUpj9Y0_RkS5AHgWNRSPp3n_m-UdDImsntUqqYiK-MqFR6tOuKsdCkYqkS7CQqf5pAdUh1mqRKDn07khsOR8r59QfQ7xKebZYmIEIoMfPEapHmBtuNSQueGuy7mKeD5Bt0s3Mx11H5r-1oIiR0LcVYIK1jXkFXph1REXgeJeBWcmgYPZobtTqvyEvcBr8DTLcmjhjcv7tFlKWY4O313XlfUfF2uOEZuJURWivs56QXYNgORZGZMgiwPUXJ91l2ZHnd-MQxRRgEuHIvpjPNVjbSSUQ3IALqT4GkZlHgRbieQL_eeJonHvSxOx48_HH3sTN3IAcT5K1mrdqoPu49ufmS7O-zf2wvHsgv0F_36uE5F90g0mA1JzRBfpcXU5CTjv2ExgqvaKNz7F6b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame E476 23 KB
9 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 500920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 10:02:18 GMT
expires: Sun, 19 Nov 2023 10:02:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame B4AA 2 MB
2 MB 63ms
30ms Media
video/mp4 2a00:1450:4009:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:16::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2671f5dac2a432faf0c0f49a26dba5d48f4f7587bfb3eaa7493f3927b36e50b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 25 Nov 2022 05:10:59 GMT
date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1745045/1745046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1745046
last-modified: Mon, 21 Nov 2022 15:38:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 05:10:59 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame E476 36 KB
16 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 16:29:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFEF 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 27465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 21:33:14 GMT
expires: Fri, 24 Nov 2023 21:33:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 966D 783 B
537 B 68ms
68ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd1eee9e67eb8bb10735511fe59f339df47d1cecbefc0ee4cebcee3ce6009d80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bNRWcRLFf-D7P6ChVkKPVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://megaznaika.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-bNRWcRLFf-D7P6ChVkKPVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 05:10:59 GMT
expires: Fri, 25 Nov 2022 05:10:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 206 file.mp4
r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame D2A0 2 MB
2 MB 44ms
43ms Media
video/mp4 2a00:1450:4009:16::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-aigzrnss.c.2mdn.net/videoplayback/id/0205a1932bacd05e/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1700889058/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1F52EEA896AC4725E19517784822B4999FBE2C21.19E7375B4F553B69080317EEB870CBA1C5DB65C5/key/cms1/cms_redirect/yes/mh/NB/mip/2001:ac8:21:e::9/mm/42/mn/sn-aigzrnss/ms/onc/mt/1669352159/mv/u/mvi/2/pl/48/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:16::7 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

2671f5dac2a432faf0c0f49a26dba5d48f4f7587bfb3eaa7493f3927b36e50b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 25 Nov 2022 05:10:59 GMT
date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1745045/1745046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1745046
last-modified: Mon, 21 Nov 2022 15:38:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9696 42 B
64 B 92ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu22WPb0yZ35h7DJXXYob4RTgWxPMMB7VLkxLxxy1OwAss3a2DINM2qz4s13va3fqJRK7yrTZps9d7xRHdwAZOQaa9cUWPYLFGK3AqzAe1IezmJoQTECi1EXmisFHDd_bvP_Ne-GQ&sai=AMfl-YTFrvg9GzfwiQmzbQHiKI3RbSHkSTMM1kaniF25RZNc9T9KluUQehDBpi8DRgDeGr_u40hTGMJXqkdQS1I&sig=Cg0ArKJSzABjU3in8aaZEAE&cid=CAQSGwDq26N9GSKCdeaD0XJ8mgqoPWGO2tOYECNFjxgBIBM&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=94,778,1004,1127,1158&tos=94,684,226,123,31&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669353057730&rpt=217&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame FFEF 36 KB
16 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 20:46:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 966D 0
0 75ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3180693011408720&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E476 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQKLYYk6AY72jNNfU1gbvw4qgBgAAAAA4AeAEAg&bg=!Xl2lXRnNAAbvMpMzzzI7ACkAdvg8WmGkGFEr_9ITjROzc7caZBZYn_fXcEULeSTXlp1D5unPpknfxwIAAACGUgAAAAJoAQeZAspVWf6kDF4LiJISGhIiG4B_rcY0mGMrlBlUTDCsSYn7sjApPoBnsb0o12PFzKjP8XuvQwdDPujmJgfgoNdhHhGdlOHOgVeXdUUfb-d55kohTewsAME-QQvnXgBBS9bs_8-V8zlrAuB6edw3WVqaUdRlbvE8naAs2sB4uvcZukPlah-_8tilwtW5KUKcrD--6MTGJ5FvOSgea361mVLJp4H_kNk0tdTXPyiaycdTDzeev8ZIvpKfNTlZ8vmHK-SiVWUFKhjjy9F7dsJKPqpFLaKvxE6nj9nSKlr-6AMsMlF2WPraaI_wsfPKPyEvEIlVnM8rB7w-AEF28itwFH_EaM7U-Li7qL4WlbClnGok_11TWtHN-0sv-vPQ-b_pyNq5pXXbERmMhTRJMc9aKbNFtyGSgJYhgQlNYWW_1hrMKKvMphnnjdCYYr6pYnqqIXE5rS1Imi83t8jCYO3GqQ_Ae8jD4-EDGxqadGcdlbi6fcdwOXo0B2pJmqz9nfKninkGhYEVO7KsFRuyssvTsqjjaL-lCmvmAeVvkA1UHHmNOIaPXQnGNpbfYGs-sz5jxA5OVDWnXDLPhU3SBIkfSXW-LeQZ9nEnwfb9ZQ8LhJ0gCOHa6ZLOcl00lusmHGzqjCzn3SXC6GHYrnWXmrmLEgrWuZbwYQoTe71BP4hmmZXTC82RfEPSbm-VMIgDl3keYpiMr-tbYQoxCntMiDQAXeuCQDlxnoIW6z25wGHVE2fISf0JjUokB0hi2xVSDfKsCKD-76O9IB1_-LLFv0_SvZhYR8i06jFapH_HYT5zw9Tejbn8usVV-SE4NNaV7u2VRFe5E3oggX2E1WJ5Bs0SxwDXt8H8M2mVGNyW6ImnEz5TJtdowA-FSFRJdYlLGOP26B_XHt45GDU7bj12rRXSDwbZFSCVfSCMTtkjyUplwyD0LK1nYAMngEulCVAWVqI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FFEF 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7UYecg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 05:10:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame B4AA 0
17 B 353ms
122ms Ping
image/gif 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~law1pjmc&c=8033825835273&slotId=4016912917636.5&qqid=CMPWiODIyPsCFVf4dwodD7ACiw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=733&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3180693011408720&bg=!AQKlAkbNAAbvMpMzzzI7ACkAdvg8WgexvXKjjSH0zJBF7c3Y9D7k09DmVV1d4c92fb7XBYKCjq-ungIAAABZUgAAAANoAQcKAJdAL0XlIoLy--2c1msCpNUKGtEMLOo-LBZXS33xW1HI7XBfrRfIIeaNOzqU7bFFTYgT_vNgMICTyO-N3dQ-nkLmVtzbCLIH92nmWmHmSPA10iUxgM1OWZpiA5615pU7_ovBY65a0jzbs-qcz8T2yBgCbwNIhicHVyLrjNOQhydyZLtNopv437-LiaK4Pi6eryVVRi5BPbPbmQKxy6OLXTMk5DHE68NnqRiKwProypMr7UALKZdU-5Bq0kIkwhV74KDsQ4qD5aSBMbJgjv-80awBG8vJdtvjgdb8dcnSjNfRJjELYbPk3du4I0wSEGwwzQRDI6Uuj5RNnZaP-so_2oJdXT387GcKOEXBUMrWfK5alNxJYZrOH8m8uBZiXs0-_pBwPBjBMoKAwUpeCDg5GhEPXQZml4WDRR72v8sLrBUNHUswtUaAW3Fk6XcBbLmGMcuEbxQLWxOYcc2w0RikgKO2WAKvE2vwz_ypb1Qfzwob10JEEa3ZIJOCmPQRE7ytscYNedZHuxXrPr9iymBQ-hpULaVJJFWBZw-Hr-beINTat637wkL_OwW3-NXxRxvUhBfUbcpEHdZIVyoH4QFKy6xlnk0RnWjlkx2BXWL6OfSGfFRvHMPxEW5plKtOjfXtke-0gLTfuckAFxuZ6cFK5y5yYqEOtKYI96l6ufvMq7waEL1OLDGGMeVCQkHsfW_6NTQ1-GnNUMTvbTKg1w-gsfuCU18igvztZ4aKJn70YO9WMEAdk4hAevTv3ONi6cf2O8yXWF_ZnPxh2kI2a6YeyXe71vzzdRarDsHnBSalRFUtmccoR10hbP1mUgwDa3fg7s2yoBm58eDQwJYRDotquMwLLQrt7yCuAr0aH-hTCCc2Ux37Qfvy3a4OU9151OkJ1rjLjai6UvdtZlliAmuOFuZOX5mwU-tQBRVHcOR4-HJaasgSZd0Q5oIKZ0IY0pGkzlYPkf0W-T8MNXD_GUSDfPd9lXSLXcN1bGAOrZxa1NKlL5iW4Yv9BDs3wJlwroNhQHhlSpcQL-m1ivulGD9zabXyVJKwT1AMOkTj0OYIYAd6mW2yl4pVvXi-q9nfT6aZfdQQXtjjmHn_MZ0LOl2Noh0TnMG0G1W4HRo0_tI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://megaznaika.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame D2A0 0
17 B 122ms
122ms Ping
image/gif 2607:f8b0:400c:c38::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~law1pjus&c=8186440365927&slotId=4093220182963.5&qqid=CIWeiODIyPsCFZPWdwod5CMJ3g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=733&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400c:c38::5e Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 05:10:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3e8fWyPMX1v9xK92huF4s&google_cver=1&google_push=ASkJ3FYrllvoHKDS7d5DYLZdn128cZJRc7Pz1B67PwHYzv_rtps3SM_Ymc1Hm6Xe_93rnI2RWerzfK8pxhezyT8EC2cL3eSE5YfK

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3e8fWyPMX1v9xK92huF4s&google_cver=1&google_push=ASkJ3FZ5GdCk-eKRgJYqkW8liPOeGWpqaCaUPBoUmZNwJ00kVemDxdDYnCzWlRgsP2IeeP0z89Y67QtiUq47HkfrRrwS_-tLTiG2ng

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.megaznaika.com.ua/	1970-01-20 07:43:59	Name: _gid Value: GA1.3.60307323.1669353056
.megaznaika.com.ua/	1970-01-20 07:42:33	Name: _gat_gtag_UA_45408746_1 Value: 1
.megaznaika.com.ua/	1970-01-20 17:18:33	Name: _ga_6ZM3CEQ47X Value: GS1.1.1669353056.1.0.1669353056.0.0.0
.megaznaika.com.ua/	1970-01-20 17:18:33	Name: _ga Value: GA1.1.473975479.1669353056
.megaznaika.com.ua/	1970-01-20 17:04:09	Name: __gads Value: ID=f286ea03e338d2f1-22a195e88dd7005d:T=1669353056:RT=1669353056:S=ALNI_Mavf-_gvAO0kr2KOSCJFG2SYHmlRQ
.megaznaika.com.ua/	1970-01-20 17:04:09	Name: __gpi Value: UID=00000b86c09229de:T=1669353056:RT=1669353056:S=ALNI_MZHrevOnqZiC7xI9CKcMcfD-MpwLw
.doubleclick.net/	1970-01-20 17:04:09	Name: IDE Value: AHWqTUktJR-3oAO0F4cK-MP3YEQCfKP-2J0knuUjYQen0MdTyWIYBxJ1DJyf1c0T9B8
.doubleclick.net/	1970-01-20 07:42:36	Name: DSID Value: NO_DATA
.rlcdn.com/	1970-01-20 16:28:09	Name: rlas3 Value: 6LQX/ZS7MSn3/+SYLTa/fmFnu0Gst4xwFlCDpDZkjSo=
.adnxs.com/	1970-01-20 09:52:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>4FDDB6!@wnfH8K6pQK`!5=E<L5?%LWg20#u30rrFmlb7hjP*nXa1cDAqDayeb:nN%nugO%v4VB%nmRo)t?so
.adnxs.com/	1970-01-20 09:52:09	Name: uuid2 Value: 3712363082030799907
.casalemedia.com/	1970-01-20 09:52:09	Name: CMPS Value: 1871
.casalemedia.com/	1970-01-20 16:28:09	Name: CMID Value: Y4BOYmC3RebUvyiwXHMs4wAA
.casalemedia.com/	1970-01-20 09:52:09	Name: CMPRO Value: 5137
.quantserve.com/	1970-01-20 09:52:09	Name: d Value: EGsBCQHUJ4EA
.quantserve.com/	1970-01-20 17:12:47	Name: mc Value: 63804e62-4233c-c4506-2cbf1
.rlcdn.com/	1970-01-20 09:08:57	Name: pxrc Value: COKcgZwGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 07:43:59	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:52:09	Name: KADUSERCOOKIE Value: EA24A415-EBF9-4B6F-91FC-A8334B3FEDC3
.casalemedia.com/	1970-01-20 09:52:09	Name: CMTS Value: 5228
.innovid.com/	1970-01-20 09:52:09	Name: uuid Value: b2856ebe-cfc5-43cf-b702-35a52552331b-20221125 00:10:58
.agkn.com/	1970-01-20 16:28:09	Name: ab Value: 0001%3AuPt8bRLPNFJl818DVnV67a9Z%2FstkbhwE
.agkn.com/	1970-01-20 16:28:09	Name: u Value: C\|0CEArEwrjKxMK4wAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/	1970-01-20 17:12:47	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:12:47	Name: na_id Value: 2022112505105900014234433918
.addthis.com/	1970-01-20 17:12:47	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:12:47	Name: uid Value: 63804e63a660f893
.addthis.com/	1970-01-20 17:12:47	Name: ouid Value: 63804e630001e69d28245b34d7b93bc8e5c1c9e1abc2fb1368a1
.dlx.addthis.com/	1970-01-20 08:25:45	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:25:45	Name: na_sr Value: 20221125
.dlx.addthis.com/	1970-01-20 07:42:33	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:25:45	Name: na_sc_e Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://megaznaika.com.ua/wp-content/uploads/2022/08/letter-e1518349855751.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3e8fWyPMX1v9xK92huF4s&google_cver=1&google_push=ASkJ3FYrllvoHKDS7d5DYLZdn128cZJRc7Pz1B67PwHYzv_rtps3SM_Ymc1Hm6Xe_93rnI2RWerzfK8pxhezyT8EC2cL3eSE5YfK Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJ3e8fWyPMX1v9xK92huF4s&google_cver=1&google_push=ASkJ3FZ5GdCk-eKRgJYqkW8liPOeGWpqaCaUPBoUmZNwJ00kVemDxdDYnCzWlRgsP2IeeP0z89Y67QtiUq47HkfrRrwS_-tLTiG2ng Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8900067022887938&fa=1&ifi=8&uci=a!8&btvi=5&xpc=e38sWgsSPa&p=https%3A//megaznaika.com.ua Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
ag.innovid.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
megaznaika.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r2---sn-aigzrnss.c.2mdn.net
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.addtoany.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
142.250.184.194
142.250.185.194
172.64.154.237
173.194.76.154
185.13.5.57
185.64.190.78
185.80.39.216
185.89.211.116
2001:4860:4802:34::36
2606:4700:10::6816:46c5
2607:f8b0:400c:c38::5e
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:4009:16::7
2a00:1450:400c:c08::9b
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
35.157.182.139
35.227.252.103
35.244.174.68
69.173.144.165
72.246.169.24
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
117655d44a7c0d01dd855f832e471771cf2810c5c2cd4cd7f0d6baed695857de
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1442a354d89a5c3e0a0e5be8deffd8e14a01dc79335194f628be852cc8b4b6f2
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21afbc996f589e039017dc90e88e88be8911d8e6cdb69951828a17110ebf2f44
221812a355ad9cfabb4c40792a5cbfe039935441f0278ec46005abaea2c63b01
247a016cd7eb271ea01fa481bef03bce10d9a37dd4c661f0bcb34cde421861a1
24cb8670cef76efee9d6858e1212093101908886d84abb7d34b5e4987a9afadb
2671f5dac2a432faf0c0f49a26dba5d48f4f7587bfb3eaa7493f3927b36e50b7
2a8e5511d36d6618929926f68fc992688fb766171bc5648635d0bfeef8fbe8a3
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2cf31e9dd12302355fa4ff12e8995c85a78b7b35f4d3d925ff12bed69be07b71
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f2fedd030cdda14b4d9d44935c1854f08a1a1a54bc0fae701d022fb206069c
356ac17007d8e06fbe0f818fc1993dfc23ee6a1fe9181d948201e77d96fbca6e
39bf422535b0039e90b4672d01c0263b0bae25c61e86540e5859bbb28a21637a
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
3c2f72b1750b6008924e043a7b014f835a809574e6e130d46d50dfc53d92df34
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
43605db4453aed3c966dda36f501cd25d35d7790e34f4c395c5259e69d89bc19
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d87b278525f14c2302fdfeabf01bbeb1530239316b6923c4588a04a501a6564
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f989f09848e494ea4beac0ac6f359f0bebf6a0484e356d2ecf1ca48cbcd3930
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
5087733b23740ec5d32585ab5b04a9fd27b7b7c885663fc2242907f0a2f6654d
5592b1f799f3bff73a1b1d87deb4a32a820db0e2dd4a561050c7f1d27116d9a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60337682dfb0130ed0f76df1432137dd90610169b18c6f0cc2d21c39b0edfb33
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8c0c74d24ffe7e8605ef7eaaeaf02c72db68cb8d3f18cf24b48ac6fdc979f7
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7befb548c06ea53681699286fb234ea6ef5c8c798247e2be98da2bd2c8aa172d
7e5b3d87cbcd7aa69aa739bb9ca030f510168331815b4746a1d3bf4a783ba58a
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8add9739cff8c0a952a3dde98e17b4e15e6734b10e65656c59a680036c834fa0
917de4f4f859f91d7ebc2940e72c63fc44c959b2deaf6f2069936b39c894d973
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0156d4d5d0421d9838187bf5db14e6a3ff6026339a584af7e75321e2ae9cb43
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1c6f4a52378e183a0d6cdf2e4f763bb814f663022cdbc50e083fa0a16d4ba88
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af836a761446b204f09d05b44a84b9546742c8f0096de686e8b0059310f4a308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6a4123eed2e08952c409ae4bf9e0bfa6cec0cd4b4280c40d7904ba9eb3854ce
b84b58bc5684e07213ce13351d3bf6b45f8fabc346f45f4a1ea17a4bbafbdd13
ba71d7360fc084690191be50fae228b204839bff0cd2e2c2265b7d924e5b030a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c93aac14b21b1744b6ed008c0f9f1a5ceecdc15cb406c169ab1766ee2e8fb440
cb79f192691a7328c0bc35b8fa9650495d4ac4656dbcf64d3fa8fdf15b5aeef1
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d263ac528b26dea0fea4a42f9143a6383b1ce2823b4d9ec26126aabfde9cd714
d3dac5f1f77c54f3b2612135d3f29d6840e6cb43fecb1c56f347fffd6bf6e631
d434098550e15240dc336c5933840ee8472c669b7900d17be393467b3973a592
d6a23f9c4dec2f455c8e2340a99ad4db01a1d538bb1f2537bab3991ec64e14c7
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dd1eee9e67eb8bb10735511fe59f339df47d1cecbefc0ee4cebcee3ce6009d80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb8fb8c4a377735d644968c583207134c816529b549595b61383c963a2e5b6b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fe312441a08b62cb2d34cdaedecd3e0016e23e0aecd37ac3f8f3b9d85057e0a7

megaznaika.com.ua Open in urlscan Pro 185.13.5.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

89 %HTTPS

65 %IPv6

24 Domains

39 Subdomains

32 IPs

6 Countries

5481 kBTransfer

8664 kBSize

32 Cookies

5 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

megaznaika.com.ua Open in urlscan Pro
185.13.5.57 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

89 %
HTTPS

65 %
IPv6

24
Domains

39
Subdomains

32
IPs

6
Countries

5481 kB
Transfer

8664 kB
Size

32
Cookies

190 HTTP transactions
7 data transactions