urlscan.io logo urlscan.io
SecurityTrails logo

tsikavi-fakty.com.ua Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tsikavi-fakty.com.ua/
Effective URL: https://tsikavi-fakty.com.ua/
Submission: On December 10 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 114 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is tsikavi-fakty.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 16th 2022. Valid for: a year.
This is the only time tsikavi-fakty.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
33 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a03:2880:f04... 32934 (FACEBOOK)
2 34.149.12.213 15169 (GOOGLE)
114 22
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
tsikavi-fakty.com.ua
33    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
tsikavi-fakty.com.ua
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
13    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
18    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:26f0:480:9::210:ee05 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2a03:2880:f045:f:face:b00c:0:8c (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
ad.atdmt.com
2    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
Apex Domain
Subdomains		 Transfer
34 tsikavi-fakty.com.ua
tsikavi-fakty.com.ua
899 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
347 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 269
216 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 298
81 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
66 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 469
tps.doubleverify.com — Cisco Umbrella Rank: 491
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9446
111 KB
3 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 5208
www.google.co.uk — Cisco Umbrella Rank: 3293
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
3 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
94 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 26
20 KB
1 atdmt.com
ad.atdmt.com — Cisco Umbrella Rank: 4147
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 837
704 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
44 KB
114 14
Domain Requested by
34 tsikavi-fakty.com.ua 1 redirects tsikavi-fakty.com.ua
18 s0.2mdn.net tsikavi-fakty.com.ua
s0.2mdn.net
googleads.g.doubleclick.net
13 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tsikavi-fakty.com.ua
tpc.googlesyndication.com
12 pagead2.googlesyndication.com tsikavi-fakty.com.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google.com 1 redirects tsikavi-fakty.com.ua
tpc.googlesyndication.com
3 fonts.googleapis.com tsikavi-fakty.com.ua
googleads.g.doubleclick.net
2 cdn.doubleverify.com s0.2mdn.net
tsikavi-fakty.com.ua
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.uk pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 tpsc-eu3.doubleverify.com cdn.doubleverify.com
1 tps.doubleverify.com cdn.doubleverify.com
1 ad.atdmt.com googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net tsikavi-fakty.com.ua
1 www.google.co.uk tsikavi-fakty.com.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com tsikavi-fakty.com.ua
114 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
news.google.com
smachnoho.com.ua
100-facts.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2022-09-18 -
2022-12-17		 3 months crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh

This page contains 13 frames:

Primary Page: https://tsikavi-fakty.com.ua/
Frame ID: 0E1C6227B468E2A8C7F18015BD9D6688
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 479C9CB92965FA1CF1786AEB9A605272
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6045510541183088&output=html&adk=318159125&adf=2184669829&lmt=1670537393&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670653669910&bpp=7&bdt=468&idt=318&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4284496959100&frm=20&pv=2&ga_vid=1883540078.1670653670&ga_sid=1670653670&ga_hid=544564990&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44779793&oid=2&pvsid=3123382991985673&tmod=1475625821&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Frame ID: 2B57F64A5B00B6514E1AD378D8E93458
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6045510541183088&output=html&h=280&adk=1023900848&adf=340119183&pi=t.aa~a.1043414356~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1670537393&rafmt=1&to=qs&pwprc=1247491666&format=1170x280&url=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670653669917&bpp=1&bdt=475&idt=331&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4284496959100&frm=20&pv=1&ga_vid=1883540078.1670653670&ga_sid=1670653670&ga_hid=544564990&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44779793&oid=2&pvsid=3123382991985673&tmod=1475625821&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76U4ABffLo&p=https%3A//tsikavi-fakty.com.ua&dtd=334
Frame ID: 55C73C1F609D5B708A0671DA88F2622A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: C8016B8EEC49707ED3F17753783F55D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1E2ACD10A99E65B4481253CD97DEAF03
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 877206D57DA7E99AEC3C78151FF1C85D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57F88905B8B9B53A23471DA9DBE659AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5AC45B0639449D4BBE37210C2D42717C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9185FAB65D09DB70A226EF029171E029
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Frame ID: E791FB4100CD2BEA71385B76F2C0DF78
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C0DE467B88ADB4D988390849D70F065B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: 0D4A23ECF9499577461DFC19F4EDC63C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Цікаві факти — онлайн-енциклопедія, цікавинки, новини

Page URL History Show full URLs

  1. http://tsikavi-fakty.com.ua/ HTTP 301
    https://tsikavi-fakty.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

114
Requests

99 %
HTTPS

91 %
IPv6

14
Domains

22
Subdomains

22
IPs

4
Countries

1883 kB
Transfer

4318 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tsikavi-fakty.com.ua/ HTTP 301
    https://tsikavi-fakty.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 98
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

114 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tsikavi-fakty.com.ua/
Redirect Chain
  • http://tsikavi-fakty.com.ua/
  • https://tsikavi-fakty.com.ua/
123 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
54b1357bb1e71a21b7bafb91ea89b2a5008b5c4b27518c12ab4712fc57ad5a5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7773eab92eba76cc-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 10 Dec 2022 06:27:49 GMT
last-modified
Thu, 08 Dec 2022 22:09:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25RiRad%2F1PRCftAoR1ZUUtyGIEMPfGzhZ4EGnroRTT6h5CMO5eE0Dp5PjTFIaJjoGZvJUJZPEt0XK%2BrZ0K3s8oBJjf4%2FPACXqr%2Fzktf%2FONGjivFtpLkaDYeReM5yis3JCx7wxJcvuH3bsDDnyD%2BSxtKgxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
wpo-cache-status
cached
x-powered-by
PHP/7.1.33

Redirect headers

CF-RAY
7773eab84e08bc8e-LHR
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 10 Dec 2022 06:27:49 GMT
Expires
Sat, 10 Dec 2022 07:27:49 GMT
Location
https://tsikavi-fakty.com.ua/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VjLcJSI7g8w6fwD20cggQs4cY6RB1Vw7aquOBUlUTQtKfZ9elPsEQfxLqwaQBziFRLS6Gxo0NNnsShnEiiMDgFn%2FjDasADUcHW6dNYHlCWbsLFg55JMP6FwTP3MuTAVGR9tJYVLFPUt91EFmYxYQ%2Fu%2Bjw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wpo-minify-header-a87a2536.min.css
tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/ 		171 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-header-a87a2536.min.css
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a80166b9298c2fd0bb8a7becc5fc1f390315a5cc44666b241ef16fcbd34d95

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 19:49:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2497895
etag
W/"636d55c8-2aced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYt2%2FMPt3TobIwM083EP5MX9AEdfr7EhAkIAshz4nWyJK9yCjYDUwKE5fXAF4%2BuqtPX3WozQUvvKp%2F5cLKzgLhAILiI8FYRgu5upeZQniAQF6fNgTZQWY8RWu%2B3E40M5Fwb7VVCBMYajuwUiQv8oIykc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7773eaba3f4d76cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpo-minify-header-2ba9135c.min.js
tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/ 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-header-2ba9135c.min.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be702d24bd54ea430325573b3ae73e42f0e438b4705843384c29305e9bfdb63

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 19:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
690659
etag
W/"636d55c9-20a26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3xoQwFbxYUR7fgp%2BvmqAhMGxI%2B9gfKcdqVu3EUrmH3SbEYLHP%2F7HuZ%2FhV8Y7TYc1dZVvf9%2B9YWcktvdOi6tc2kC0f3b5Km9JJ1DCrlFWIkRXHhYg3KIxYCmhFqYF4oKBTYt32wdFkDg1yZAFlZwhE%2B7uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7773eaba3f4e76cc-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 06:27:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Dec 2022 06:27:49 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6cf25b087c6f4c67b356828b6bbacea19dc192bce47fc0a307b757dd533dc33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49594
x-xss-protection
0
server
cafe
etag
7119533436419046499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 06:27:49 GMT
/
tsikavi-fakty.com.ua/10-tsikavyh-faktiv-pro-ternopil/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/10-tsikavyh-faktiv-pro-ternopil/
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Dec 2022 22:40:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qy1jlfUdXqR3qNOIXvDYFhmL81pp%2BDYhVzCWV5OhMxwzOQj1y85VU3HvvP5K%2FKD9zNFiFSctHfhFUFDQsvuG%2Fei4HdDV2jmVnTWhMLJQqa6is38D%2FXpCbs6HXEB%2Fa4Cho8QLTSTrI8ILsf%2BB2OQGveQkPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache
wpo-cache-status
cached
cf-ray
7773eabb291c7315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon-32x32-2.png
tsikavi-fakty.com.ua/wp-content/uploads/2020/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2020/04/favicon-32x32-2.png
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd0e68ff4749e012c245a7d5070af5709d73366c61b367820a939851b06683

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1076488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1420
last-modified
Sat, 30 May 2020 16:01:13 GMT
server
cloudflare
etag
"5ed28349-58c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFODjf1sY4OPNyGP8pcRJ5whhCQl8d4HH1JVibtWUTWmuN%2BuQS9vzCsQsL6tDkPy8kgBk91tpwaiDkyER88PMrSoeXxG7t9GOGDrdAMoQWH5nRRKLaMjaDd76977ralZU5ZS6tqODUH1GTL9WfZ%2FR%2BMYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb29197315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
favicon_created_by_logaster.ico
tsikavi-fakty.com.ua/wp-content/uploads/2022/06/ 		191 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/06/favicon_created_by_logaster.ico
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f587de8c2fd31cc618c6f0b2f8edf71b65ad90fea1bcfd9acda28fcc70ca2a79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 12:50:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
336473
etag
W/"62ac7884-2fc26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BwfUkoNC8DkrrCXZh8qu0frWlgdbu7SPrkDLTVOin4G%2Fma25q4t4hGZ7P2Y3ZU4DwcLKpOciv8hrgQJGB9MzBKg%2BEbbl7WPWLy3X%2BgPxNk1cM1gLoV%2ByLLbAEYJrntSD3ljD%2BQxIPnPXdNw%2FVmIXeJj9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
7773eabb291a7315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpo-minify-footer-75e31037.min.js
tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/ 		312 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-footer-75e31037.min.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2646898fdab627bdfac19e324eb1c6d52990428fb2722b3b373325de8fa653

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 19:49:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30905
etag
W/"636d55c9-4e117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8MQL6ZmMZDq1lZZ2wSaShEpoDnmcTlZvTmgEoh30UFVT8VAbXbTDdgxhC8ka60IghwB60uC5xiCmKIYigBcHr1eh14PGeI%2FLKlZeeGpcjumAA9%2FfmrTgeLOW4OIfsCcvG0ykSq7Hr2ZWZH8IApUcFFiVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7773eabad8fe7315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54W84TD
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45afa6fd9d72bdcbe004c40c4ab60dd04c66db3ab9ad8dae77451719cea0f1f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45036
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 10 Dec 2022 06:27:49 GMT
nobg.png
tsikavi-fakty.com.ua/wp-content/themes/mts_sociallyviral/images/ 		68 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/themes/mts_sociallyviral/images/nobg.png
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-header-a87a2536.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-header-a87a2536.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1076488
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
last-modified
Sun, 12 Dec 2021 14:08:44 GMT
server
cloudflare
etag
"61b6026c-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUiv6aphrLtGXE8Y4MOyQ2YTHBbUJMnaxFv2ioI%2BlRQDXyVxDkYkcW0n%2FdzAK%2F4E6obyAd9r60GpaW1%2FfRbUKGY0%2FC1fUVWb4zrJOE2G%2FBDICYnsa3toDPjiVsEYdPQ2WucBEcbfn0bXGBp9exlinsqfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb291d7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tsikavi-fakty.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 13:14:53 GMT
x-content-type-options
nosniff
age
61976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 13:14:53 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tsikavi-fakty.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 05:13:29 GMT
x-content-type-options
nosniff
age
90860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9840
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 05:13:29 GMT
fontawesome-webfont.woff2
tsikavi-fakty.com.ua/wp-content/themes/mts_sociallyviral/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tsikavi-fakty.com.ua/wp-content/themes/mts_sociallyviral/fonts/fontawesome-webfont.woff2
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://tsikavi-fakty.com.ua/
Origin
https://tsikavi-fakty.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Dec 2021 14:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"61b6026c-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WllTdvHa%2FNwxJyB7vvGjHECQB943%2FnbwsQ08YcbCzUERtas9FQ6rs0uwnPmd5GIqV6bxDAdVzi%2BR7TMLdq4ff867enWn8nrVvr3%2BrS%2FsAzu%2BXuo8XCtztRuaRZJejT4DMBTdoZ6bK10N8Si2JO%2BtLKRGqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7773eabb391f7315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tsikavi-fakty.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 20:10:25 GMT
x-content-type-options
nosniff
age
209844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 20:10:25 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:normal&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tsikavi-fakty.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 21:51:35 GMT
x-content-type-options
nosniff
age
376574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9628
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 21:51:35 GMT
einsteinrightagain-1200x750.jpg-770x297.webp
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/einsteinrightagain-1200x750.jpg-770x297.webp
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b417896c4b22d4728ccdb78b54b1240047d80a8b5a195a2bed0b7a6e3f20a7da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 11 Nov 2022 11:13:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"636e2e59-5e60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKc6W4RYTJ79kmuniLGuIo9ig6GxrN%2BRcGzPCrdbzA%2BsihaIkEG9G%2FOWDI2T67lzqDE1d9QNXdWgtA1NUpY%2B9SYejXdNjsUNAnxzssJ99xOFYPxtWsu95H9G20nKF0qWH1y8E4K3nFvqiODNqmZhuWieig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7773eabb59317315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24160
in_article_webp_a6e0cf38ae-370x297.webp
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/in_article_webp_a6e0cf38ae-370x297.webp
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d10fa51d773ec643fa6caf9c1098a5500407cac577a01fbdb4249b22b24f2ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 11 Oct 2022 07:15:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6345180b-8d66"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vjru3fBgTNMBmrR2kxbkEcQ3j2Qv4y8rnrhapzC6fJR5peWP29DsPHnpRzMQ1dIkyDcMzyZcsWf96dx7cMTyvc2hwsa5OV1DfFe3VXGF42uEnPxBJ%2FFMMilO3myNZaul2aVz4tYjOY6nl6GM%2FbIUIC4A8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7773eabb59327315-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36198
photo_2022-08-09_14-29-02-pic4_zoom-1500x1500-57233-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/photo_2022-08-09_14-29-02-pic4_zoom-1500x1500-57233-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4103c4901ce29243e7d25d4e4b3d727543ce45a307f72452884dfc2f1ba717

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18402
last-modified
Sun, 09 Oct 2022 15:52:53 GMT
server
cloudflare
etag
"6342ee55-47e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fora8wsoicDOE6s98aqnQmFJIr1l4gQchEESa8F1DTSFD1VA3lQYmoSSIC%2BldqsA0l5frvQd%2BNrmXS5FIXvf4nKt7%2FDb8DlxTW4XHQinRCoF9Em0CRO2GEa6rN%2FlgOMboZxn6wskQGi8tnOiPtCWbdySg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59357315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
286501a7-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/286501a7-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a4a66a36b1450f337384ea80e6fd90719e8171ea9ab67ed1f455883aaf3e767

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20006
last-modified
Sat, 08 Oct 2022 11:46:48 GMT
server
cloudflare
etag
"63416328-4e26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4wU5XXJUcb8ud%2F52vts%2BUJeeYfAWznCqxWpmsgVWKRiE8d1n9gqovwmhtMTrn6oA1PZ%2BcvxzBIc3KrqiNjINj%2BQI5zK050VljxsGiBJbpZBItiDA5wQlopy6ToNHUag1Y7idBn0Blew5FSvBDljcCSs9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59367315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
a815c39e-370x297.jpeg
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/a815c39e-370x297.jpeg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7ce8efd9e8c3b36cb560bcde9d63ea3424fb5952ec8a402f0153b846e008ab

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19175
last-modified
Thu, 06 Oct 2022 11:15:53 GMT
server
cloudflare
etag
"633eb8e9-4ae7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E7Cqal2G8yAUX1UHyC6Nztm8394v5feUvKLCvfINTAzzbLoVkxIeeIC0APrsmGLdP7u6fRU%2Bw9e7qS0f%2BlTI0QdLLQWslbsLlTMaaF44KPQlnL4IChPaGJ%2FTjLYgmwb4Pp8lVMqgbC2GQVGzab4nySPPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59377315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-brazilii-770x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/fakti-o-brazilii-770x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1029f063e38cc8d43ff9c7cac71271b3cd0c77924699b71e2074d2edc9a1b4e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63647
last-modified
Sat, 12 Nov 2022 13:25:49 GMT
server
cloudflare
etag
"636f9edd-f89f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5c6EZ2042PzZyaL2ZVNsBr7uk%2Fczvb7hatRd9KsbWUnwqJjmGEsH31Dbd9Ffe0SzuOAt9IgW39YB84X39zB4ujKiOMZGzY9ZLb%2BtN1eKWtPPeTSuSp2djkpWEJQEylF5C15Ck5UK2zw5w6c5ZF1r2o4jiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59387315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
261_eafaa9291a18724af44d581ea02003d8-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/261_eafaa9291a18724af44d581ea02003d8-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4ba2e7674a24883e0e33ea0dff4665b17a48e951f1b28ff7e8521888aaa4a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30747
last-modified
Fri, 11 Nov 2022 13:13:21 GMT
server
cloudflare
etag
"636e4a71-781b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1jyzc%2BWEKOcdPd98KOS94OZvwB5uuu0ORvHeUITfc0do87Hbc39Zww%2FbuirXL1J3ta%2Br3aO9iDc%2BWO2FaNSuWCDh0KbLIGwIQWIX7mpFa4qNMyEAPGpzxEO7tRTCb3SfOMNYeklxajimCCRToAQ4HpAnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59397315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
c1a11621-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/c1a11621-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1f1b4f5c87057bf15bd734cb226c426365a5ad235da96048f9e710f4df64b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27004
last-modified
Fri, 11 Nov 2022 12:39:56 GMT
server
cloudflare
etag
"636e429c-697c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yPcVuVO%2B%2BxZyct6m1bo7IkLfoBK8Fxjz3Lo%2BLlIum64hgajHiPz6YiYK6K48kyBWcQ0m64Cc2jQENG%2Fl4el6i6lHuCVqGSnKFDsAJNOQ52mDnCS13u1vhoagmbvhw4V9dYAx%2BMFCMkbUqvV8Pu0HpqSKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593a7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
9039df44-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/9039df44-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591682a200f9e6167a454dc5f3e9f066f22ed523add013f1b9a9c120dbb1bca2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27154
last-modified
Fri, 11 Nov 2022 12:00:54 GMT
server
cloudflare
etag
"636e3976-6a12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wUef6eUGJaNAJRe7Fvk9g%2BO9%2BrwOgmwQ6UyJLod3plczUsJcU3uP1VkjcgXxb7CGV3NRjYK%2BSAaL7gRaVNSxKpP3XCBeXtrA8dH23xDAGliDrXJKdVlXnXvaWoAvolxDq4cz4HXwyfw%2FvVNbw411YyJLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593b7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
1bdc0c30-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/1bdc0c30-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
762a2c71852a8f8daa3b52eb872e6b642d0fae95d87cdab5e4a1fd0e144a7dc4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32590
last-modified
Thu, 06 Oct 2022 13:31:54 GMT
server
cloudflare
etag
"633ed8ca-7f4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V38s0W35NfblwbsQQDi4jtprBKPKRhq3SOClszRs0ubWP3TMGGuPE4V5TnoGyfJMtNaFH2xvj1S3e66KCtLOF5wg6o%2Fm3gMA1GmJmfC22OTWT0%2FUUbSPiJwvADAU9%2BhbQGXmFYVKXVtc6Czk32SjxhadFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593c7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
d4eb8ad5-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/10/d4eb8ad5-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
502a26b163ad0c4b0c024fff080fcacbdc20343be2aa5728db33b18fc0d4d525

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32735
last-modified
Thu, 06 Oct 2022 12:44:34 GMT
server
cloudflare
etag
"633ecdb2-7fdf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kI2vsuHtLWv11ZNHvQ5lnGl3lMQZHuxDahDeVM2hD67Z6C2odmAiXmskRVIUMWpxgJv4i9wMdEtVMVHuk5XYH5RrMT%2FRnYNMWnwq%2FvUAtj4TEZyHORw0kYEo4dtFETQ32M0bRFA0xa3lzjWo3a3VS3Yjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593d7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
89-interesnyx-faktov-ob-indii-370x297.png
tsikavi-fakty.com.ua/wp-content/uploads/2022/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/07/89-interesnyx-faktov-ob-indii-370x297.png
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0142d336c4b4ab29c72e071a78874f33b811c545411e2e76835237919f42df4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1513
last-modified
Thu, 21 Jul 2022 09:13:38 GMT
server
cloudflare
etag
"62d918c2-5e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heVWP7u8OQ1eCQjiGllBqSoZ1aDteV8WOQNWGXQYUgwhCpvcWXLZW8%2BUsZQg2PP2u5yRCiVRKt0j0lmCdN6N9lOIzENPpSDBKgDA7xGcXG5DVitXQYrAFfLkzpBEmDfnIzN0kt1yPWr%2F6eRnHp57NKp5qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593e7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
50-interesnyx-faktov-o-severnoj-koree-370x297.png
tsikavi-fakty.com.ua/wp-content/uploads/2022/07/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/07/50-interesnyx-faktov-o-severnoj-koree-370x297.png
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf1afe9dcd35502f06ec369beade258b4bb1f77e946a0073b9bd503b9cda8ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1454
last-modified
Thu, 21 Jul 2022 08:27:17 GMT
server
cloudflare
etag
"62d90de5-5ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV7WAhLeGTWBm%2F%2B15tnJHe2oUPb90VIbr5koYGNqaVwb%2F5VlzQW6483mUaOvgRYWiqR0VzgjVorAKWk9bZz9AHqxCIUd0JrRt%2FDi%2FrSzRm7W4YGLxTkgnyyYQgqkb6F7j7zCdQjK3xbSrK8DABs8oQ%2BgjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb593f7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-pozharnyh-770x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/fakti-o-pozharnyh-770x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
960ac92847369d4dc7769a0fdd8b951790a8ad116ec10d6d68764bcffa61bbd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29406
last-modified
Fri, 25 Nov 2022 08:46:40 GMT
server
cloudflare
etag
"638080f0-72de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4nJnyvuMXYZhOoO3IJtRBt730GzURnLRq2eff3iJwhp7KxI%2Fa5i%2BZuBNJc0Nc5HXl0xp3JjYgmtr0hW08RpiS9zm%2BPc0tzoUMvwqrslY4dzRZ3QQj8gbshBV3ADAdQq2M%2BfXPdIUk5kZnSWd663rUQIGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59407315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-biologii-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/fakti-o-biologii-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6643473855f449fb42ba65e150ad33edbb25e237b4c795f82c559fc65b7e1a8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20330
last-modified
Thu, 24 Nov 2022 18:19:32 GMT
server
cloudflare
etag
"637fb5b4-4f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAcLEalrbWICX0sOP%2BgyDlF6No0xuKFLbvVei6Ki2th6wIphqFB8cMjDDHdRvOnBTEKlDc0VhGUknXg0%2F1RTtoSmLDAMvRUtU2h5dTlaBa4WPul%2FFTAOWMO8gePdHoLm9g9I3ngc9hgOau5R2tmbgEro8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59417315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
interesnie-fakti-ob-ekologii-1-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/interesnie-fakti-ob-ekologii-1-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c992151a1f6b4f3377beeed90146b6dea77215a5e7baf0a5217c3f6345b9fbe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18502
last-modified
Thu, 24 Nov 2022 16:54:39 GMT
server
cloudflare
etag
"637fa1cf-4846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CApDt2vYG%2FJm5PomARAJ64MO2gI%2FAsmLcmmyRJ13Kf3nk9rgpU0t7r7T60LXU8ihJIU%2FQJFZyozx3Fkdb9BFzk0HBjyo01Lt%2BjFSLcoYp7ms48hczjkyWa97w5dH%2B1cot%2F5Q3LdXTVrJITawL%2F7U%2FlvJQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59427315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
interesnie-fakti-o-egipetskih-piramidah-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/interesnie-fakti-o-egipetskih-piramidah-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b63f2a8f59a6177de0dfd582562e28022c5ef87632f39178001f5b8c5df9860

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73888
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15791
last-modified
Thu, 24 Nov 2022 16:33:41 GMT
server
cloudflare
etag
"637f9ce5-3daf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6ZeNklIH9%2BG4PKcRwBiPCtHhqCcDIyVD7xKbqvml8oO4cD1zTHBAgphsLBtfoOPy961LFHAiQoeRXjXEOCI0KLBWrstwNZGon8SFC1dx3pMbDayqdo1lnxKHLJlufizvyYkUe8TsgUrQ%2BxNvJfhSqHvpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59447315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
interesnie-fakti-ob-etikete-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/11/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/11/interesnie-fakti-ob-etikete-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3a8dd97b766ae810b61a1ca31f7204a1b8798aca73663ac40939f7ae002f7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36131
last-modified
Thu, 24 Nov 2022 16:02:59 GMT
server
cloudflare
etag
"637f95b3-8d23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFb5vGvhImtiygaD3ZsOcrLhGYv%2BhZHtk1ZkwQ0mPk0WakGHXwRBT3Vk9WdIj40SbSvaZtPtAlHyRon8WH60Exie0gVLLqL%2FY%2BfOP%2FKaAI5%2FRUEMFCo3%2FPfjED4YXWPCgYddiqH5Xb62Fr1Xg1WPW%2BkGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59457315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-fransisko-pisarro-770x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/12/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/12/fakti-o-fransisko-pisarro-770x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf558cbd90fe029ee6273e60b47eb6a0642a2cc1e3d953b48ce53edf6537102

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29894
last-modified
Tue, 06 Dec 2022 10:35:01 GMT
server
cloudflare
etag
"638f1ad5-74c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FPxie4t4MKlq3Y72hryUWiImOL%2FpQv6kLqbnk2Eq6vaHBQeCLMyitCfxJDlfWEG7iOag3y3TzdI6stGWYou9r9oOu%2FJ3EjhAuFQIFlGyJghBoPd68A2JVBhDJ8UtUfwtJN8pg2U4tBYC4ar02BON%2FRmew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59467315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-pifagore-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/12/fakti-o-pifagore-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa9dfc75c750a318188f90245c9d6532bb24418ee2f3d06a7373ca28478871b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30439
last-modified
Tue, 06 Dec 2022 10:14:41 GMT
server
cloudflare
etag
"638f1611-76e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IHLxCYO6VVVDifoQFQ5N3IhoUuxSPDdqZHFH1jWLtOZj9nxny2cAOiWqrV%2FQN2FHnITZoaSljO9gsyJEK61upfVuqE6XzL04dT3Ek1YYU0XF9wi6n3F7IuLDQ7swLZ9qH%2BAknB2BuJDvddKTnVhnospvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59477315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
2wsdr5thuko-19-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2020/07/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2020/07/2wsdr5thuko-19-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb79b3952cee32bf332e840b7e4c16c638a7ba35ca332e558d6036b2b30cc98a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16157
last-modified
Wed, 23 Sep 2020 08:57:54 GMT
server
cloudflare
etag
"5f6b0e12-3f1d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLA%2B5mWGZXluQcUrUr%2FQ9YW3JgZbux7duvYZ1m6QOR1S5LVnU7ZnfOcAtkqT0POeM%2BT%2Fw%2FKSLk4lfmPTyIlgTa%2Bgbd8%2FU1y6oxeQeplKMRMZjils7Kl9HHLZZ%2FYVW%2FkeESYnl5oHancYFOW%2B6cMfYopT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59487315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
yozef-gaydn-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/12/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/12/yozef-gaydn-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25435081b566fabcdbd8aefccc92d177ab36fd769be542d69ee85fdc516cb981

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
73887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25760
last-modified
Tue, 06 Dec 2022 09:44:25 GMT
server
cloudflare
etag
"638f0ef9-64a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73xDdASVaGAY3u6woW5LEeqyEr96vU%2BcXYCxuTCRhgnYOA1cuLJzUjPDrzldYzSi7kvoEmy7DZELwCZmyp1a0lnh9rgcF0zMuIJj%2Boz0Eft8k3KA0zK9KkrY7%2FGbwQSAjgwFaz9jOvAi64q0Qoyko0EF3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb59497315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
otto-fon-bismark-370x297.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/12/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/12/otto-fon-bismark-370x297.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9627b6c165b0c48d2345ce464b2599a4826cdb7ba5c8f9fd046bcb4bfc098c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10660
last-modified
Tue, 06 Dec 2022 09:34:12 GMT
server
cloudflare
etag
"638f0c94-29a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCHxEPKLKR%2BWr1KBNbUwfb0S41i%2FlR3iqv0EMO1fsBU09pJp58NkVk9gNquKXaupVBGdxXBuHvkFW7RoOLziuDNRuVTi4IH5ZaGPPMOioTO%2BnuJ%2B0qJOsdbt%2FkDvUpK5KMLmH000xWJ1feOTkgzZ1%2FHd0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabb594a7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakti-o-fransisko-pisarro-1170x400.jpg
tsikavi-fakty.com.ua/wp-content/uploads/2022/12/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsikavi-fakty.com.ua/wp-content/uploads/2022/12/fakti-o-fransisko-pisarro-1170x400.jpg
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/wp-content/cache/wpo-minify/1668107825/assets/wpo-minify-footer-75e31037.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3157ff9344c461b55846d95140931765a14095b22e5264bdaba6ab8ec3e55792

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
50860
last-modified
Tue, 06 Dec 2022 10:35:01 GMT
server
cloudflare
etag
"638f1ad5-c6ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agkDVfdLUFdg6RZLhLciss7%2FdXWqVNfsUXVfM%2BzhdilI4sKa%2FiK9zqsDeUqJEX5Qx0PafQxcFoBszSY41SZA%2FgI%2Bl85frmQ%2FHVs78t%2FPomP2CVv2G7fxaAHbawfZ0hnvbKYRkVnBj%2BvVZxuqGT8mn64TKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7773eabc099d7315-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54W84TD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 10 Dec 2022 05:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4323
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 10 Dec 2022 07:15:46 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c467919d48705c63ac71127205b2592dd1926d8eb1d2c2393e1bd01d44d3c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119969
x-xss-protection
0
server
cafe
etag
1062880945581319869
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 06:27:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 479C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
23838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 23:50:32 GMT
etag
10353107486223812946
expires
Fri, 23 Dec 2022 23:50:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=544564990&t=pageview&_s=1&dl=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A6%D1%96%D0%BA%D0%B0%D0%B2%D1%96%20%D1%84%D0%B0%D0%BA%D1%82%D0%B8%20%E2%80%94%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B5%D0%BD%D1%86%D0%B8%D0%BA%D0%BB%D0%BE%D0%BF%D0%B5%D0%B4%D1%96%D1%8F%2C%20%D1%86%D1%96%D0%BA%D0%B0%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%2C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1327668098&gjid=269747198&cid=1883540078.1670653670&tid=UA-153396395-1&_gid=786095266.1670653670&_r=1&gtm=2wgbu054W84TD&z=172813052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tsikavi-fakty.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tsikavi-fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-153396395-1&cid=1883540078.1670653670&jid=1327668098&gjid=269747198&_gid=786095266.1670653670&_u=YEBAAAAAAAAAAC~&z=270013086
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tsikavi-fakty.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 10 Dec 2022 06:27:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tsikavi-fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		407 B
704 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tsikavi-fakty.com.ua&callback=_gfp_s_&client=ca-pub-6045510541183088&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13769db2034115079afb72e27c08e569b06b6bbe412de0f87f9a9e56a9a244b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=tsikavi-fakty.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tsikavi-fakty.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B57 		249 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6045510541183088&output=html&adk=318159125&adf=2184669829&lmt=1670537393&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670653669910&bpp=7&bdt=468&idt=318&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4284496959100&frm=20&pv=2&ga_vid=1883540078.1670653670&ga_sid=1670653670&ga_hid=544564990&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44779793&oid=2&pvsid=3123382991985673&tmod=1475625821&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9ec89f73a589a32f7bc417810b50076b1703bb5d7214a18287c3ff6a510cc28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
68554
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 06:27:50 GMT
expires
Sat, 10 Dec 2022 06:27:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 55C7 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6045510541183088&output=html&h=280&adk=1023900848&adf=340119183&pi=t.aa~a.1043414356~rp.1&w=1170&fwrn=4&fwrnh=100&lmt=1670537393&rafmt=1&to=qs&pwprc=1247491666&format=1170x280&url=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670653669917&bpp=1&bdt=475&idt=331&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4284496959100&frm=20&pv=1&ga_vid=1883540078.1670653670&ga_sid=1670653670&ga_hid=544564990&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44779793&oid=2&pvsid=3123382991985673&tmod=1475625821&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=76U4ABffLo&p=https%3A//tsikavi-fakty.com.ua&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e710dbaf053fae980e405b9cd3e04e2a06b70bc574e20138e4e4758c32b5e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 06:27:50 GMT
expires
Sat, 10 Dec 2022 06:27:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-153396395-1&cid=1883540078.1670653670&jid=1327668098&_u=YEBAAAAAAAAAAC~&z=1618110400
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-153396395-1&cid=1883540078.1670653670&jid=1327668098&_u=YEBAAAAAAAAAAC~&z=1618110400
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B57 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20221206&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6045510541183088&output=html&adk=318159125&adf=2184669829&lmt=1670537393&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftsikavi-fakty.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670653669910&bpp=7&bdt=468&idt=318&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4284496959100&frm=20&pv=2&ga_vid=1883540078.1670653670&ga_sid=1670653670&ga_hid=544564990&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44779793&oid=2&pvsid=3123382991985673&tmod=1475625821&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=333
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44c75665b9862b5a75834897dda157cb99abd4beaf03d23ffcf484336b3ccb28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11191
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a7edf750ace5c5abb39c3ea35f07225e5005f511c7292bf6bbbacd42572a99f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52348
x-xss-protection
0
server
cafe
etag
17294710055792136398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 06:27:50 GMT
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=tsikavi-fakty.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tsikavi-fakty.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame C801 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
43430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 18:24:00 GMT
etag
10353107486223812946
expires
Fri, 23 Dec 2022 18:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/ Frame 1E2A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
43430
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 18:24:00 GMT
etag
10353107486223812946
expires
Fri, 23 Dec 2022 18:24:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6045510541183088&plah=tsikavi-fakty.com.ua&bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 06:27:51 GMT
css2
fonts.googleapis.com/ Frame C801 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:07:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Dec 2022 06:27:51 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C801 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 02:14:59 GMT
x-content-type-options
nosniff
age
15172
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 10 Dec 2023 02:14:59 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C801 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 00:48:09 GMT
x-content-type-options
nosniff
age
20382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 10 Dec 2023 00:48:09 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame C801 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
43226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:27:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1E2A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuE0HYZmJ9ca3OL8gQ-eJ49yI7cY99aak7yxmtXKb8dhiheYN1WtFStvWHpdz_inreM9J7NTyGJVItz6koCH-r1qB9zlZPFpjc9Zk9c7jSdyHrml-mc7I-QZptRYubT-1kK28KHbkPyV71hyvrJpI9VSLLhKcOTCUdPjPACM1Wh2h-61NURuCXCRjeMQkqF5hMIX2BbGUmBt_v2jqyDQUYWc5D0V5t0S-yXBLCBItJOuiaSpDUvrhuFRWDlOXy1CSmeewx4owKxku7NxjahfrIMVLwVNzDxBOnfWgWCuLqZdUbItaRrC4RKEmLJZ9E7OgmvO5i2JCMh-_CriWsLE9lVvI2k2vaTb4SuGkS_ra-Fb9o5KBSGbaEw5RSgH-G_Ww8cXFGbAcEGV-4cMoh2GBoAuza0jJ315OxB2Fgd0X5vle546MOGIoaJHOSO2IFhqe8uZ5BFQLjE6QYqC31uW15u3JYh83BoaAeXfzqTk8DP9LLMB3aF5-oywAlV5IsfgvwVgbvDugrXPE6ixd57nBuHNSeWx-6HC_aAAqkrDJsoNCEHkT3Wdz-39-i8DXWBMxXgUhwccsVAPuRhtNQED3mu66DkyZ8gGAUTMHD2KEE7GTW0lBLx2tgw2fAnHqDuV468b9kEBDPiOI_m_d_Lx2-OdKHQAsCGGFpoW1U-Po1sI-mFKCDOEY35aQrTma7sDuDFRrrHWkqKSQ1BS4VKBcIk7eAK7SnN8XrwEiqy70Xp3mEsZSzYwukDznGCA3_4to9SO4wly-9FP2C7tbmeICIrHozxR0HVnkycPXEmt0R_bePmSnIICrDHDFl5ji1mclawxdRo1MdGvXdTgiEqfWAORiZYMP39rgOI73v-_2saptTWUrAgg2h0wAz1zM7V6fk0NwoVfb6bqWQ_xYqvOX_LLV6itdXG3qDJ3MCOkB-jRJ4A6WmX0rjtGxdlQU8NpHUYKNMXfyykEA98OFn54EesmPgrhpaFgS7-erIHkyRRe1_a1m5QeMfjQZuuYadkNPuvuSuk-SixT7wMjIYMps9a0QApJAdUFiqVgWEp8lKSiob2j2txO_Jd2JMB&sai=AMfl-YQQsGcw2OMfOURZvbrSKT_jn88yl5j-L-UXt1jYf6cw0_To5IQFBhJbv_4x83mUgoAaMkAgGknAV7uIrEEsS72Sp3ipSph6HGovhSukPNt_oZbzUOcHTKwUue70x7ry996AQJHpkE-Y_czrWeslcd-SsFkWtvT-q_VR6aWawSfyOJVgUy4YKhPaQp4nUstzvlS7qgLY5l5QnU1qqcLsjrHPjHqmdpTDkZDyTVUryMp1w-ndJRCLhg&sig=Cg0ArKJSzM5p5nYWC1xLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 10 Dec 2022 06:27:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 10 Dec 2022 06:27:51 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 1E2A 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 15:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 15:32:31 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 1E2A 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 23:59:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
23317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 23:59:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1E2A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 07:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 07:06:25 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1E2A 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 18:19:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
43722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14217
x-xss-protection
0
server
cafe
etag
13612117104345174519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 18:19:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1E2A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 16:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
49646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 16:40:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 1E2A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
65842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E2A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 06:27:51 GMT
css
fonts.googleapis.com/ Frame 8772 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 05:13:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 10 Dec 2022 06:27:51 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 8772 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
65842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 8772 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
65842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 8772 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 16:40:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
49646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 16:40:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 8772 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
65842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 12:10:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8772 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 06:27:51 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 8772 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 21:34:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
377591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 20:45:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 05 Mar 2023 21:34:40 GMT
truncated
/ Frame 1E2A 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d628da12cb4e2cc6de167c9de0a610b24842a8c88a9afec2564d638234f33df

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 57F8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
557309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 19:39:22 GMT
expires
Sun, 03 Dec 2023 19:39:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5AC4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
34618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 20:50:53 GMT
expires
Sat, 09 Dec 2023 20:50:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9185 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3192511b6c7beea02927cb9b6fc742bbfb35e31530a083db1fb924738d0c81a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iBu8Iab8h6jOZdt7VNUKPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tsikavi-fakty.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-iBu8Iab8h6jOZdt7VNUKPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 06:27:51 GMT
expires
Sat, 10 Dec 2022 06:27:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dvtp_src.js
cdn.doubleverify.com/ Frame 1E2A 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=352921235&num=&adid=&advid=8650961&adsrv=1&btreg=544218896&btadsrv=doubleclick&crt=181723368&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 06:27:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 11:39:13 GMT
Server
Microsoft-IIS/10.0
ETag
"8065f8730ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3315
index.html
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/ Frame E791 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f33b0376b952ae01acc10dc1d4bcebbe09d0b238e99f7e6d54aa8b04e441e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
105722
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1756
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Dec 2022 01:05:49 GMT
expires
Sat, 09 Dec 2023 01:05:49 GMT
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921235;a.a=544218896;cache=707355450;
ad.atdmt.com/i/ Frame 1E2A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921235;a.a=544218896;cache=707355450;
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:f:face:b00c:0:8c Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 57F8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 12:35:43 GMT
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 5AC4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 12:35:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C0DE 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
1886
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 05:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9185 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3123382991985673&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
style.css
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/ Frame E791 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
682b54b5c9a38b017d9063f27038dbcabea5b3e2cd1e52c852514757d7e335f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 20:40:41 GMT
brand.css
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/ Frame E791 		0
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E791 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 06:27:51 GMT
easepack_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E791 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Dec 2022 06:27:51 GMT
initialLoader.min.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/ Frame E791 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/initialLoader.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1989
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 10:39:02 GMT
fontfaceobserver.standalone.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/ Frame E791 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/fontfaceobserver.standalone.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 07:13:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1674
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 07:13:48 GMT
custom.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/ Frame E791 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec4da734410948861d16c114b2b6cf5ad702c04ef2c0f5c51edf3cfc6d1461db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 03:16:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1204
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 03:16:38 GMT
logic.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/ Frame E791 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4971e9fc754d2504d1ea41e28651652135710c47d6a5a9388699c56ac15e0691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 03:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97078
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2263
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 03:29:53 GMT
messaging.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/ Frame E791 		3 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/messaging.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 10:39:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C0DE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 06:27:51 GMT
expires
Sat, 10 Dec 2022 06:27:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 10 Dec 2022 06:27:51 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements3317.js
cdn.doubleverify.com/ Frame 0D4A 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3317.js
Requested by
Host: tsikavi-fakty.com.ua
URL: https://tsikavi-fakty.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee05 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sat, 10 Dec 2022 06:27:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Dec 2022 09:45:11 GMT
Server
Microsoft-IIS/10.0
ETag
"80ad389920ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108147
chevron.png
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/ Frame E791 		190 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/chevron.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 06:32:13 GMT
x-content-type-options
nosniff
age
86138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 06:32:13 GMT
aldine_light.woff2
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/fonts/ Frame E791 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/fonts/aldine_light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 19:46:32 GMT
x-content-type-options
nosniff
age
556879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24316
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 03 Dec 2023 19:46:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 5AC4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4kULNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
config.js
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/config/ Frame E791 		933 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/config/config.js?r=0.6376890526414982
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17059baa398a31c5dd904888fe4c75fa47719ee0fa2ce1a04a927876984a1474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
561
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 06:27:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 57F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM-Gs5iaUY4GRF42QtwfTsqFAAAAAADgB4AQC&bg=!7e6l7qrNAAYgquz3AKo7ACkAdvg8WgXLq5nV25NEa34XVO0liLBDHHL7LT6c5689e2x4qn-_Fy9ltAIAAACsUgAAAAJoAQcKABOi5YKJKiikmAZciA4MXOr04F4umQLgmjd-6RAtJlctnzWbulX-drCHTezIlBgD99L_u_o_BPHlMV6MwVX5Cq4BlRpW_m_sjfJZTaFx8IblbdBZt71vpz8GIBWsk4lZAbYUZRIkxdHmYcz8ds-wJAZy82CirWnI8DZ9gLsEkUKrPhJxg2GKLGpFsdIZJ8Ui1iF6rG-ioyF83EB0FEXNOB6TBu-g7M-H01n01DibAnOoAOXJpmq2LfU6ZfzBhi7EspCZSz_YZe_Dte0CMc2RiA4VYTX85rvPnGTXcslUXxS3rariFfnYcFOxyBejeaD9h6zivTMrR3fmC84_62Jh6VcaMNKzxXV50M3ntz6hr4JHfJ1Oe4s82-MsuhK05caknixwMbjwgw_C__e_8A5QcX6o-BcFmByhIXwBNjjIrHFw-jDxUUC3_NXBz7zk5x-3iAxvyfVpYuDGymSEUSwfeOpSAKZwNPm5tesmdH2gsg8xa9y9X_X8KOv4aCkhtjZxSJrJLIFUYtns5S3R6jnuGPxwL0Qfur4dt1PAwW3JHFE2_uk6Ql6kYnnxUPXEFhfwYjmmdwIIBa4EV2SL3RyBkSRtGs3R5B1TXobhQnzlF8TTXuIos84apqDWN8HYFlftmkWw9Cv2GqvHD7Y1B-y0lYFAUq-xJBmiOA8i7DS8LewQtLOsARYC9zBRfE3LcsXJZQXCjD9fgwK1ph7iSz0Ue-ALgnTRFSiaBjGX3dYEjt82TCe-ZjbBPkPU6u1OwOSFAJqaprdsW7s91GD3zm_TUdyWPDvwhR8y6eDaZb-zPhxDASmaDmP78ztNnW1rua-3u5cCn1MZRHY5GtIDL6C4qx3Z6E2GTS4MkMZ7T-ttP3X719JQT03DisYLAtGZmDGrjdOswC7CXm3g3BC9-wRHnN9W2eUjjNoL59MwfYpWojUbmydR28Ni2JN8NhR9HSB40pj3ebwNVsrokULpLSl3nbELuQ9xjtg46O6tIpPOkWD3FJnGluht7g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bedroomViewSea-tier1-874x108.jpg
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/ Frame E791 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/bedroomViewSea-tier1-874x108.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602913e9f4a9e9a2debcff78a3d90cdd6d16925585478eb5bc13e1b6e534095b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:39:02 GMT
x-content-type-options
nosniff
age
71329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15353
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 10:39:02 GMT
connector.png
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/ Frame E791 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/connector.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 10:39:02 GMT
x-content-type-options
nosniff
age
71329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76141
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 10:39:02 GMT
visit.js
tps.doubleverify.com/ Frame 0D4A 		978 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=155&ttfrms=27&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauED%3A%3C2G%3A%5C72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauED%3A%3C2G%3A%5C72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=299&ddur=234&uid=1670653671700643&jsCallback=dvCallback_1670653671700691&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=124&winw=1005&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221206%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D318159121%26client%3Dca-pub-6045510541183088%26fa%3D1%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26xpc%3DqFsFkSn1YX%26p%3Dhttps%253A%2F%2Ftsikavi-fakty.com.ua&fcifrms=7&brh=2&sdf=2&dvp_epl=200&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=352921235&crt=181723368&btreg=544218896&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=17399728.269201446&dvp_tukv=1373211138020.163&dvp_uuid=1103056098072.3452&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=110820363063&jurtd=3831735677
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
bdbdf30c603f8fd4e027360fd3cf50e05b691d890d152be5c7e0894ed9b8b926

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 10 Dec 2022 06:27:51 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
close
Expires
12/09/2022 06:27:51
aldine_light_italic.woff2
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/fonts/ Frame E791 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/fonts/aldine_light_italic.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 06:32:13 GMT
x-content-type-options
nosniff
age
86138
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 06:32:13 GMT
hotel_names.json
s0.2mdn.net/json/ Frame E791 		43 B
62 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/json/hotel_names.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/scripts/custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 10 Dec 2022 06:26:16 GMT
x-content-type-options
nosniff
server
sffe
age
95
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 10 Dec 2022 06:41:16 GMT
logo.png
s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/ Frame E791 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/images/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 04:07:31 GMT
x-content-type-options
nosniff
age
94820
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Fri, 04 Nov 2022 04:10:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 04:07:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3123382991985673&bg=!ysmlyY3NAAYgquz3AKo7ACkAdvg8WkBY05o_XVXTVXH8hV_wHwZoMnHl1Qdtvd8YffkdT70WtMWvGAIAAADUUgAAAAdoAQcKAIvbafnw9TtJp2TaBd3sc5Xgo3Z22ncZ4W809JlKxHUJHaC8Mwjho1ARi-9fThAQVCTSN_dDAG_SOro7gAlHTMJ6XUBJSrEO4JfVFkmEULa1HI9a5HVsLgEwAjRtd3en6_NNfz4T7NOX2B0Ppu-IvLfjgGwXI2hgmslHPaCzrE7X1IvUqSOvM2oGuOHNmQKeE0YrLDeLqwuoHDCq5DZNQYds5cxuek4Hcd107D_BErQ97-rAMqbeqIrOXf9GwSQ8VStgb_DFcSQ9z--Oi8Vcxoxs30CLe2M1CdwBrM4Mff3SyTqYl4iiJNdPM9kXsde4giqIWQ9jUzHADotHpVPy0Odj_hDyC7yEvaolRhDnMqPYFvezhawEWz-mDXaVeiZM79dp155yI77faUjlq8Pt08919EU9Ai8SJIl0lvsuvFyiUqeAJyv6qEXeSjILj-ltzfSwQnH13ASDpRb2efi46GjUYowrsCo-K9z55GCKUGMglhSEbgxm9zC5Ny31ki-mMcV-mfkaJUixDchpBjycY-ay4_gB9b0CKQftbcI9uPB3IOM43dV-lTF0ESzZN1PJX1yDqWSk6wfJzj3wbKqchLb_9EZbl9Bu-FReHnFs1jg0i7Aw4pcpadj_MyewbTI7NL8zvMyLO1saMfCy7yFli1pDThlJ2_aGd8E3TLY4WgrlcB_VVHvUj5Y1PdNqVXnXVktGlnhM_U9g55ebSmcnhDfoJ0NHs6QV8VxeMWgYO2WJX028FfsEGhZ3DwjUKaBGJ7SagaTNbgUiEywrW9dk9C-dHPGqLW0_6cO68AELLdzvPJAXnsnAhAY3QkU7g-d9uBNxKufoz_gTrczVWbaQ7M2vZFmfbus9995F5pC4ZSe_q6_AjS0arBlp3AMzmtDfvLKhHJjpk3A9mly9jLfEfdhOnA6CsLCnpxyjnw1fxVvyt0IS95I6C5hxCebRwxkp28Ka2vAJpqUL6MFf6B4ZuFaVzXQGfKZRKBjGHiFvEilqwGk5YV329x_B0K62eKWszVP0EJagXjKWNP6FseHx3MgyV4BdwHkHe4XzBwNi-IiV4pKWm43wq7ks0TeMbQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tsikavi-fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 1E2A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiBVk6qQ_zV2iL30eCX9QjYE29MpYVMmoRJ0m-Zz3WUI2wUnjFtfT_lgjgXbdXg4hVtoW1gCTwW1OBR12iXghJuBtiC6OLUiN9bsQ1j_iG2q85zjYnXwknap1DmrGVomG8NQfAItzQ_5gpEiVRrPT9SiEH6g1c5JrFudG1Odqzrb73EBcAm0yfotxv2vo1gw&sai=AMfl-YSJ94SdgmLOV9x9a7friKzFX7EMnqfJcel7zQQh5urcTO5AgkD1Jf8ZQbYiIlPrnrMDbfRW4kwe8GobWqc&sig=Cg0ArKJSzD75B6rGi_67EAE&cid=CAQSGwDq26N9UvfUwY4OH5DT5GUW-xUMbR07PsL2RxgBIBM&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,701,1000,1039,1039&tos=0,701,299,39,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=318159121&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670653670965&rpt=340&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 10 Dec 2022 06:27:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-eu3.doubleverify.com/ Frame 0D4A 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=a4af0410bb9341aabb4933261a007240&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=284&eoid=14&msrjs=3317&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=234&tetms=10&msltms=131&vltms=284&sei=290&vetms=11&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=36&isumms=35&nvr=6&isgmmims=35&isgmv4mims=35&elmtp=1&isbxdms=2335&b0=100&b9=108&b10=2200&adhgt=125&adwdth=1005&norwdth=1000&norhgt=125&vsos=6&dvp_vsosnmr=16&lftb=2408&sftb=2408&msrdp=2&naral=640&vct=512&vphgt=1200&vpwdth=1600&chgt=124&cwdth=1005&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1035&isuiabvms=1035&iscvmvms=1035&engalms=34&engscrlms=143&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3316&cbust=1670653674992948
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 10 Dec 2022 06:27:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
12/09/2022 06:27:55

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/brand.css

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange object| mts_ajax_loadposts function| fnDelay undefined| $ function| jQuery object| paceOptions object| Pace object| dataLayer function| _katexRender function| katexRender object| mts_customscript object| slideropts boolean| mtsRTL function| EventEmitter object| eventie function| imagesLoaded object| katex object| wp object| $this object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| googletag object| google_image_requests

7 Cookies

Domain/Path Name / Value
.tsikavi-fakty.com.ua/ Name: _ga
Value: GA1.3.1883540078.1670653670
.tsikavi-fakty.com.ua/ Name: _gid
Value: GA1.3.786095266.1670653670
.tsikavi-fakty.com.ua/ Name: _gat_UA-153396395-1
Value: 1
.tsikavi-fakty.com.ua/ Name: __gads
Value: ID=6a9c57ba10c59ef4-22b8306ce5d80048:T=1670653670:RT=1670653670:S=ALNI_MZb-kpq37iYcVg5jrUA_7NBVYh96w
.tsikavi-fakty.com.ua/ Name: __gpi
Value: UID=00000577b6dd53ae:T=1670653670:RT=1670653670:S=ALNI_Mb-DpLDo-FCkIYmYuXaakTyAKdZTg
.doubleclick.net/ Name: IDE
Value: AHWqTUmmmn9Ofp6YQhwyKIJL5nfF06ieCXR4ZwPSwZmQfkwH0ABKqWPPLhArZkldrOg
.doubleclick.net/ Name: DSID
Value: NO_DATA

3 Console Messages

Source Level URL
Text
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921235;a.a=544218896;cache=707355450;
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/index.html
Message:
Refused to apply style from 'https://s0.2mdn.net/sadbundle/5256934865788967409/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_zrBVy9/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://s0.2mdn.net/json/hotel_names.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
adservice.google.co.uk
adservice.google.com
cdn.doubleverify.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
tsikavi-fakty.com.ua
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
s0.2mdn.net
142.250.186.130
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:26f0:480:9::210:ee05
2a03:2880:f045:f:face:b00c:0:8c
2a06:98c1:3120::3
2a06:98c1:3121::3
34.149.12.213
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01fc92b7704c3e3baaefd2ce87ce17e2ea266a1bb4244f032da25931e9c6fb92
085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c
1029f063e38cc8d43ff9c7cac71271b3cd0c77924699b71e2074d2edc9a1b4e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13769db2034115079afb72e27c08e569b06b6bbe412de0f87f9a9e56a9a244b1
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
17059baa398a31c5dd904888fe4c75fa47719ee0fa2ce1a04a927876984a1474
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1be702d24bd54ea430325573b3ae73e42f0e438b4705843384c29305e9bfdb63
1c467919d48705c63ac71127205b2592dd1926d8eb1d2c2393e1bd01d44d3c47
25435081b566fabcdbd8aefccc92d177ab36fd769be542d69ee85fdc516cb981
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
3157ff9344c461b55846d95140931765a14095b22e5264bdaba6ab8ec3e55792
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3192511b6c7beea02927cb9b6fc742bbfb35e31530a083db1fb924738d0c81a9
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3b63f2a8f59a6177de0dfd582562e28022c5ef87632f39178001f5b8c5df9860
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d628da12cb4e2cc6de167c9de0a610b24842a8c88a9afec2564d638234f33df
44c75665b9862b5a75834897dda157cb99abd4beaf03d23ffcf484336b3ccb28
45afa6fd9d72bdcbe004c40c4ab60dd04c66db3ab9ad8dae77451719cea0f1f4
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4971e9fc754d2504d1ea41e28651652135710c47d6a5a9388699c56ac15e0691
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e1f1b4f5c87057bf15bd734cb226c426365a5ad235da96048f9e710f4df64b9
502a26b163ad0c4b0c024fff080fcacbdc20343be2aa5728db33b18fc0d4d525
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54b1357bb1e71a21b7bafb91ea89b2a5008b5c4b27518c12ab4712fc57ad5a5c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
591682a200f9e6167a454dc5f3e9f066f22ed523add013f1b9a9c120dbb1bca2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4ba2e7674a24883e0e33ea0dff4665b17a48e951f1b28ff7e8521888aaa4a3
5e710dbaf053fae980e405b9cd3e04e2a06b70bc574e20138e4e4758c32b5e5f
602913e9f4a9e9a2debcff78a3d90cdd6d16925585478eb5bc13e1b6e534095b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6643473855f449fb42ba65e150ad33edbb25e237b4c795f82c559fc65b7e1a8b
682b54b5c9a38b017d9063f27038dbcabea5b3e2cd1e52c852514757d7e335f2
6a9627b6c165b0c48d2345ce464b2599a4826cdb7ba5c8f9fd046bcb4bfc098c
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6c992151a1f6b4f3377beeed90146b6dea77215a5e7baf0a5217c3f6345b9fbe
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
762a2c71852a8f8daa3b52eb872e6b642d0fae95d87cdab5e4a1fd0e144a7dc4
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8b3a8dd97b766ae810b61a1ca31f7204a1b8798aca73663ac40939f7ae002f7d
8d10fa51d773ec643fa6caf9c1098a5500407cac577a01fbdb4249b22b24f2ab
8f33b0376b952ae01acc10dc1d4bcebbe09d0b238e99f7e6d54aa8b04e441e90
960ac92847369d4dc7769a0fdd8b951790a8ad116ec10d6d68764bcffa61bbd8
9a4a66a36b1450f337384ea80e6fd90719e8171ea9ab67ed1f455883aaf3e767
9a7edf750ace5c5abb39c3ea35f07225e5005f511c7292bf6bbbacd42572a99f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa2646898fdab627bdfac19e324eb1c6d52990428fb2722b3b373325de8fa653
aa4103c4901ce29243e7d25d4e4b3d727543ce45a307f72452884dfc2f1ba717
b0142d336c4b4ab29c72e071a78874f33b811c545411e2e76835237919f42df4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b417896c4b22d4728ccdb78b54b1240047d80a8b5a195a2bed0b7a6e3f20a7da
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bdbdf30c603f8fd4e027360fd3cf50e05b691d890d152be5c7e0894ed9b8b926
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5dd0e68ff4749e012c245a7d5070af5709d73366c61b367820a939851b06683
c6cf25b087c6f4c67b356828b6bbacea19dc192bce47fc0a307b757dd533dc33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa9dfc75c750a318188f90245c9d6532bb24418ee2f3d06a7373ca28478871b
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d3a80166b9298c2fd0bb8a7becc5fc1f390315a5cc44666b241ef16fcbd34d95
d9ec89f73a589a32f7bc417810b50076b1703bb5d7214a18287c3ff6a510cc28
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
eaf1afe9dcd35502f06ec369beade258b4bb1f77e946a0073b9bd503b9cda8ac
eb79b3952cee32bf332e840b7e4c16c638a7ba35ca332e558d6036b2b30cc98a
ec4da734410948861d16c114b2b6cf5ad702c04ef2c0f5c51edf3cfc6d1461db
edf558cbd90fe029ee6273e60b47eb6a0642a2cc1e3d953b48ce53edf6537102
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f587de8c2fd31cc618c6f0b2f8edf71b65ad90fea1bcfd9acda28fcc70ca2a79
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd7ce8efd9e8c3b36cb560bcde9d63ea3424fb5952ec8a402f0153b846e008ab