urlscan.io logo urlscan.io
SecurityTrails logo

fakty.com.ua Open in urlscan Pro
104.26.2.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fakty.com.ua/
Effective URL: https://fakty.com.ua/ua/
Submission: On October 24 via api from QA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 80 IPs in 13 countries across 62 domains to perform 346 HTTP transactions. The main IP is 104.26.2.172, located in United States and belongs to CLOUDFLARENET, US. The main domain is fakty.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.
This is the only time fakty.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 104.26.2.172 13335 (CLOUDFLAR...)
2 104.21.52.113 13335 (CLOUDFLAR...)
10 172.217.23.98 15169 (GOOGLE)
1 142.93.100.57 14061 (DIGITALOC...)
2 142.250.185.72 15169 (GOOGLE)
1 5 146.59.10.80 16276 (OVH)
5 213.174.135.1 39572 (ADVANCEDH...)
6 188.40.114.52 24940 (HETZNER-AS)
5 185.239.173.210 55081 (24SHELLS)
7 142.250.186.142 15169 (GOOGLE)
1 146.59.30.96 16276 (OVH)
10 104.16.240.21 13335 (CLOUDFLAR...)
1 142.250.186.110 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
31 142.250.186.34 15169 (GOOGLE)
5 142.250.186.97 15169 (GOOGLE)
1 142.250.185.174 15169 (GOOGLE)
4 74.125.140.154 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 2 62.149.0.72 15497 (COLOCALL ...)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 37.18.16.16 205675 (HYBRID-AS)
2 104.26.8.169 13335 (CLOUDFLAR...)
1 188.42.29.196 7979 (SERVERS-COM)
1 23.37.38.181 16625 (AKAMAI-AS)
6 213.19.162.61 3356 (LEVEL3)
1 104.16.190.66 13335 (CLOUDFLAR...)
1 104.18.2.114 13335 (CLOUDFLAR...)
1 147.75.38.124 54825 (PACKET)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 35.244.159.8 15169 (GOOGLE)
1 46.249.52.249 50673 (SERVERIUS-AS)
1 185.239.173.66 55081 (24SHELLS)
6 52.57.243.4 16509 (AMAZON-02)
3 8 185.33.220.100 29990 (ASN-APPNEX)
2 3 72.251.249.9 29791 (VOXEL-DOT...)
1 135.125.163.79 16276 (OVH)
1 178.250.2.131 44788 (ASN-CRITE...)
1 142.250.185.142 15169 (GOOGLE)
8 142.250.185.162 15169 (GOOGLE)
17 172.217.23.97 15169 (GOOGLE)
2 142.250.186.100 15169 (GOOGLE)
1 104.16.87.20 13335 (CLOUDFLAR...)
8 142.250.185.98 15169 (GOOGLE)
16 2.18.232.109 16625 (AKAMAI-AS)
10 30 172.217.18.98 15169 (GOOGLE)
6 12 2.18.234.21 16625 (AKAMAI-AS)
2 18.192.155.173 16509 (AMAZON-02)
2 143.204.98.105 16509 (AMAZON-02)
3 34.95.81.22 15169 (GOOGLE)
11 216.58.212.166 15169 (GOOGLE)
8 213.254.244.11 36062 (DOUBLE-VE...)
6 142.250.184.194 15169 (GOOGLE)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 35.190.0.66 15169 (GOOGLE)
5 5 3.120.169.248 16509 (AMAZON-02)
1 52.73.9.252 14618 (AMAZON-AES)
3 3 213.155.156.185 1299 (TWELVE99 ...)
1 142.250.185.170 15169 (GOOGLE)
1 4 142.250.184.198 15169 (GOOGLE)
1 82.113.101.132 6805 (TDDE-ASN1)
1 54.175.30.20 14618 (AMAZON-AES)
1 4 18.197.46.208 16509 (AMAZON-02)
1 3.123.176.85 16509 (AMAZON-02)
16 204.154.111.150 36062 (DOUBLE-VE...)
1 2 52.211.123.64 16509 (AMAZON-02)
1 185.239.174.10 55081 (24SHELLS)
1 1 46.228.164.11 56396 (AMOBEE)
1 50.116.194.21 6336 (TURN-US-ASN)
2 91.228.74.189 16509 (AMAZON-02)
2 2 37.157.2.234 198622 (ADFORM)
1 1 143.204.98.94 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 76.223.111.18 16509 (AMAZON-02)
2 2 18.184.95.242 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 108.128.194.236 16509 (AMAZON-02)
1 216.239.38.21 15169 (GOOGLE)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 216.239.34.21 15169 (GOOGLE)
1 209.197.3.19 20446 (HIGHWINDS3)
3 2.18.232.99 16625 (AKAMAI-AS)
2 178.250.0.130 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
17 104.16.12.64 13335 (CLOUDFLAR...)
1 143.204.98.98 16509 (AMAZON-02)
5 2.18.235.40 16625 (AKAMAI-AS)
5 130.211.115.4 15169 (GOOGLE)
1 51.195.5.234 16276 (OVH)
346 80
26    104.26.2.172 (United States)

ASN13335 (CLOUDFLARENET, US)
fakty.com.ua
2    104.21.52.113 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
10    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
1    142.93.100.57 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.onthe.io
2    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
5    146.59.10.80 (Norway)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
5    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
files.adtelligent.com
6    188.40.114.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.114.40.188.clients.your-server.de
tt.onthe.io
5    185.239.173.210 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
7    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
1    146.59.30.96 (Norway)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu
ls.hit.gemius.pl
10    104.16.240.21 (United States)

ASN13335 (CLOUDFLARENET, US)
api-esp-eu.piano.io
1    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
ampcid.google.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.de
31    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.com
pagead2.googlesyndication.com
5    142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
analytics.google.com
4    74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.de
1    162.55.6.212 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
2    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    37.18.16.16 (Zvenigorod, Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    104.26.8.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
6    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
1    104.18.2.114 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    185.184.8.65 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adtelligent-d.openx.net
1    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
1    185.239.173.66 (United Kingdom)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
6    52.57.243.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
ice.360yield.com
8    185.33.220.100 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    135.125.163.79 (United States)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
rtb.adxpremium.services
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
ampcid.google.de
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
adservice.google.de
googleads.g.doubleclick.net
ade.googlesyndication.com
17    172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f97.1e100.net
tpc.googlesyndication.com
2    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
1    104.16.87.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googletagservices.com
16    2.18.232.109 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-109.deploy.static.akamaitechnologies.com
cdn.doubleverify.com
cdn3.doubleverify.com
30    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
12    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    18.192.155.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
d.agkn.com
2    143.204.98.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-105.fra50.r.cloudfront.net
rumcdn.geoedge.be
3    34.95.81.22 (United States)

ASN15169 (GOOGLE, US)
PTR: 22.81.95.34.bc.googleusercontent.com
c.4dex.io
11    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
s0.2mdn.net
8    213.254.244.11 (Ireland)

ASN36062 (DOUBLE-VERIFY, US)
rtb0.doubleverify.com
tps20511.doubleverify.com
tps20522.doubleverify.com
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    35.190.0.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    3.120.169.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    52.73.9.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-9-252.compute-1.amazonaws.com
sync.adaptv.advertising.com
3    213.155.156.185 (Ascension Island)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
4    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
6517501.fls.doubleclick.net
1    82.113.101.132 (Ingelheim am Rhein, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
1    54.175.30.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-30-20.compute-1.amazonaws.com
gw.geoedge.be
4    18.197.46.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-46-208.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    3.123.176.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-176-85.eu-central-1.compute.amazonaws.com
aws-fr.bidswitch.net
16    204.154.111.150 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb33.doubleverify.com
tps.doubleverify.com
tps10239.doubleverify.com
tps10278.doubleverify.com
tps10236.doubleverify.com
2    52.211.123.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-123-64.eu-west-1.compute.amazonaws.com
segment.prod.bidr.io
1    185.239.174.10 (United Kingdom)

ASN55081 (24SHELLS, US)
d.adtelligent.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    50.116.194.21 (United States)

ASN6336 (TURN-US-ASN, US)
PTR: presentation-atl1.turn.com
r.turn.com
2    91.228.74.189 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    143.204.98.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-94.fra50.r.cloudfront.net
s.ad.smaato.net
2    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.210.53.219 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    76.223.111.18 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.184.95.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-95-242.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    108.128.194.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-194-236.eu-west-1.compute.amazonaws.com
tracker.growthbuddy.app
1    216.239.38.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
tags.feedad.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    216.239.34.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
api.feedad.com
1    209.197.3.19 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
3    2.18.232.99 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
secure.flashtalking.com
2    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
17    104.16.12.64 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
1    143.204.98.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-98.fra50.r.cloudfront.net
js.ad-score.com
5    2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
5    130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com
id5-sync.com
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
6517501.fls.doubleclick.net
313 KB
51 googlesyndication.com
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
270 KB
40 doubleverify.com
cdn.doubleverify.com
cdn3.doubleverify.com
rtb0.doubleverify.com
tps20511.doubleverify.com
tps20522.doubleverify.com
tps.doubleverify.com
tps10239.doubleverify.com
tps10278.doubleverify.com
tps10236.doubleverify.com
442 KB
26 fakty.com.ua
fakty.com.ua
926 KB
17 bannerflow.net
c.bannerflow.net
167 KB
14 adtelligent.com
player.adtelligent.com
ghb.adtelligent.com
files.adtelligent.com
sync.adtelligent.com
ghb1.adtelligent.com
d.adtelligent.com
22 KB
13 casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
16 KB
11 2mdn.net
s0.2mdn.net
311 KB
10 piano.io
api-esp-eu.piano.io
32 KB
8 googletagservices.com
www.googletagservices.com
189 KB
8 adnxs.com
ib.adnxs.com
21 KB
7 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
8 KB
7 google.com
ampcid.google.com
adservice.google.com
analytics.google.com
www.google.com
3 KB
7 google-analytics.com
www.google-analytics.com
20 KB
7 onthe.io
cdn.onthe.io
tt.onthe.io
20 KB
6 ad-score.com
js.ad-score.com
data.ad-score.com
108 KB
6 bidswitch.net
x.bidswitch.net
aws-fr.bidswitch.net
3 KB
6 360yield.com
ice.360yield.com
3 KB
6 4dex.io
script.4dex.io
mp.4dex.io
c.4dex.io
35 KB
6 gemius.pl
gaua.hit.gemius.pl
ls.hit.gemius.pl
15 KB
5 moatads.com
z.moatads.com
px.moatads.com
102 KB
5 criteo.com
bidder.criteo.com
gum.criteo.com
6 KB
4 flashtalking.com
servedby.flashtalking.com
cdn.flashtalking.com
secure.flashtalking.com
34 KB
4 sportradarserving.com
eu.sportradarserving.com
11 KB
4 lijit.com
ap.lijit.com
ce.lijit.com
2 KB
4 google.de
adservice.google.de
www.google.de
ampcid.google.de
2 KB
3 de17a.com
d5p.de17a.com
1 KB
3 advertising.com
sync.adaptv.advertising.com
pixel.advertising.com
955 B
3 geoedge.be
rumcdn.geoedge.be
gw.geoedge.be
89 KB
2 criteo.net
static.criteo.net
55 KB
2 feedad.com
tags.feedad.com
api.feedad.com
626 B
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 3lift.com
eb2.3lift.com
938 B
2 admedo.com
pool.admedo.com
713 B
2 sitescout.com
pixel-sync.sitescout.com
978 B
2 adform.net
c1.adform.net
1 KB
2 quantserve.com
cms.quantserve.com
927 B
2 turn.com
ad.turn.com
r.turn.com
857 B
2 bidr.io
segment.prod.bidr.io
1 KB
2 travelaudience.com
ads.travelaudience.com
720 B
2 agkn.com
d.agkn.com
1 KB
2 googletagmanager.com
www.googletagmanager.com
100 KB
2 adtcdn.com
player.adtcdn.com
155 KB
1 id5-sync.com
id5-sync.com
530 B
1 growthbuddy.app
tracker.growthbuddy.app
379 B
1 smaato.net
s.ad.smaato.net
444 B
1 o2online.de
portal.o2online.de
607 B
1 googleapis.com
ajax.googleapis.com
33 KB
1 mathtag.com
sync.mathtag.com
830 B
1 jsdelivr.net
cdn.jsdelivr.net
9 KB
1 adxpremium.services
rtb.adxpremium.services
767 B
1 e-planning.net
pbjs.e-planning.net
471 B
1 openx.net
adtelligent-d.openx.net
556 B
1 creativecdn.com
prebid-eu.creativecdn.com
174 B
1 pubmatic.com
hbopenbid.pubmatic.com
114 B
1 a-mo.net
prebid.a-mo.net
168 B
1 districtm.io
dmx.districtm.io
282 B
1 betweendigital.com
ads.betweendigital.com
908 B
1 hybrid.ai
dm.hybrid.ai
238 B
1 trafmag.com
t.trafmag.com
231 B
1 loopme.me
csync.loopme.me
209 B
0 netmng.com Failed
google2waycm.netmng.com Failed
346 62
Domain Requested by
30 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
28 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
www.googletagservices.com
26 fakty.com.ua 1 redirects fakty.com.ua
17 c.bannerflow.net cdn.flashtalking.com
c.bannerflow.net
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
14 cdn.doubleverify.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
cdn.doubleverify.com
fakty.com.ua
ad.doubleclick.net
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
11 s0.2mdn.net fakty.com.ua
s0.2mdn.net
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
10 api-esp-eu.piano.io fakty.com.ua
api-esp-eu.piano.io
10 securepubads.g.doubleclick.net fakty.com.ua
securepubads.g.doubleclick.net
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
www.googletagservices.com
8 www.googletagservices.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
8 ib.adnxs.com 3 redirects player.adtcdn.com
googleads.g.doubleclick.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
fakty.com.ua
6 tps10278.doubleverify.com cdn.doubleverify.com
6 googleads4.g.doubleclick.net fakty.com.ua
ad.doubleclick.net
6 googleads.g.doubleclick.net ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
fakty.com.ua
6 ice.360yield.com player.adtcdn.com
6 fastlane.rubiconproject.com player.adtcdn.com
6 tt.onthe.io cdn.onthe.io
5 data.ad-score.com js.ad-score.com
5 x.bidswitch.net 5 redirects
5 ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ghb.adtelligent.com player.adtcdn.com
5 gaua.hit.gemius.pl 1 redirects fakty.com.ua
gaua.hit.gemius.pl
4 px.moatads.com eu.sportradarserving.com
4 gum.criteo.com static.criteo.net
gum.criteo.com
player.adtcdn.com
4 tps.doubleverify.com cdn.doubleverify.com
4 eu.sportradarserving.com 1 redirects rumcdn.geoedge.be
eu.sportradarserving.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 tps10236.doubleverify.com cdn.doubleverify.com
3 tps10239.doubleverify.com cdn.doubleverify.com
3 d5p.de17a.com 3 redirects
3 tps20522.doubleverify.com cdn.doubleverify.com
3 tps20511.doubleverify.com cdn.doubleverify.com
3 c.4dex.io cdn.jsdelivr.net
fakty.com.ua
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
3 ap.lijit.com 2 redirects player.adtcdn.com
3 adservice.google.com securepubads.g.doubleclick.net
6517501.fls.doubleclick.net
3 player.adtelligent.com fakty.com.ua
player.adtcdn.com
2 secure.flashtalking.com eu.sportradarserving.com
2 static.criteo.net player.adtcdn.com
static.criteo.net
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 eb2.3lift.com 2 redirects
2 pool.admedo.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 c1.adform.net 2 redirects
2 cms.quantserve.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
2 segment.prod.bidr.io 1 redirects
2 6517501.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ad.doubleclick.net www.googletagservices.com
2 ads.travelaudience.com 2 redirects
2 rtb0.doubleverify.com cdn.doubleverify.com
2 cdn3.doubleverify.com cdn.doubleverify.com
2 rumcdn.geoedge.be fakty.com.ua
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
2 d.agkn.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
2 script.4dex.io player.adtcdn.com
script.4dex.io
2 sync.adtelligent.com 1 redirects player.adtcdn.com
2 adservice.google.de securepubads.g.doubleclick.net
2 files.adtelligent.com player.adtelligent.com
2 www.googletagmanager.com fakty.com.ua
www.googletagmanager.com
2 player.adtcdn.com fakty.com.ua
1 ade.googlesyndication.com
1 id5-sync.com player.adtcdn.com
1 z.moatads.com cdn.flashtalking.com
1 js.ad-score.com cdn.flashtalking.com
1 cdn.flashtalking.com servedby.flashtalking.com
1 servedby.flashtalking.com eu.sportradarserving.com
1 api.feedad.com eu.sportradarserving.com
1 ce.lijit.com eu.sportradarserving.com
1 tags.feedad.com eu.sportradarserving.com
1 tracker.growthbuddy.app eu.sportradarserving.com
1 pixel.rubiconproject.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 r.turn.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 d.adtelligent.com
1 aws-fr.bidswitch.net ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1 gw.geoedge.be rumcdn.geoedge.be
1 portal.o2online.de ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1 ajax.googleapis.com fakty.com.ua
1 sync.adaptv.advertising.com ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 cdn.jsdelivr.net ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
1 ampcid.google.de www.google-analytics.com
1 bidder.criteo.com player.adtcdn.com
1 rtb.adxpremium.services player.adtcdn.com
1 ghb1.adtelligent.com player.adtcdn.com
1 pbjs.e-planning.net player.adtcdn.com
1 adtelligent-d.openx.net player.adtcdn.com
1 prebid-eu.creativecdn.com player.adtcdn.com
1 hbopenbid.pubmatic.com player.adtcdn.com
1 prebid.a-mo.net player.adtcdn.com
1 mp.4dex.io player.adtcdn.com
1 dmx.districtm.io player.adtcdn.com
1 htlb.casalemedia.com player.adtcdn.com
1 ads.betweendigital.com player.adtcdn.com
1 dm.hybrid.ai fakty.com.ua
1 t.trafmag.com fakty.com.ua
1 csync.loopme.me 1 redirects
1 www.google.de fakty.com.ua
1 analytics.google.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.onthe.io fakty.com.ua
0 google2waycm.netmng.com Failed ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
346 106
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2021-05-06 -
2022-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-01 -
2021-12-30		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-06 -
2022-02-16		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.a-mo.net
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.e-planning.net
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-12 -
2022-01-10		 3 months crt.sh
*.360yield.com
Amazon		 2021-07-29 -
2022-08-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2022-01-17		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
gw.geoedge.be
Amazon		 2021-10-13 -
2022-11-10		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
protect.geoedge.be
Sectigo ECC Domain Validation Secure Server CA		 2020-01-29 -
2022-01-28		 2 years crt.sh
*.sportradarserving.com
Entrust Certification Authority - L1K		 2021-09-29 -
2022-10-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.segment.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
d.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.growthbuddy.app
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
tags.feedad.com
GTS CA 1D4		 2021-08-29 -
2021-11-27		 3 months crt.sh
api.feedad.com
GTS CA 1D4		 2021-09-17 -
2021-12-16		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-04 -
2022-02-22		 a year crt.sh
cdn.flashtalking.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2021-09-02 -
2022-10-04		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh

This page contains 38 frames:

Primary Page: https://fakty.com.ua/ua/
Frame ID: D0E45D5DB78B2BB0D88245D9270512E6
Requests: 143 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EDC3FE80B29B8D92A2355DFD7EBF1E3C
Requests: 1 HTTP requests in this frame

Frame: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8572D58162CFF35ED6B5B3FD10AAECC6
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b781b695-60ef-40d2-b56d-d361b9dfc264
Frame ID: 29D875B7306A2D951EF126DB33750C78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2F07C6F809B066E236DE0C503E5AC033
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BC6AC2094EA1CC21E419D6C48EC3096
Requests: 2 HTTP requests in this frame

Frame: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 50D189C697EE5633E45B8F10072AEE25
Requests: 27 HTTP requests in this frame

Frame: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8FDF1A93E26C8096A85A8E619F80C560
Requests: 7 HTTP requests in this frame

Frame: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D95C61C67D1DC9AD0749AEF5BBC8B854
Requests: 14 HTTP requests in this frame

Frame: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EFE7E0028DED5F3E698D7EDDBCBE2F4D
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Frame ID: 5AF4735C3ED44277B0A8F44AA102B895
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Frame ID: 1D377D79E0CFF95C4BBBD16FF6AC0772
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Frame ID: 36401F2E8F933296ABEE7236829F8798
Requests: 5 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e7e53b81-adf0-4ad4-97e3-d9b2b97276a/grumi.js
Frame ID: 6E53E0437960D4EC817368F69E875F41
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0E0BAE0CB0E4EF759ED39EDCA0B0DF30
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 848F8F6CD4769E40BA445C85C1611BB6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 78A078210D901A41B97A700065FF45CC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 686F3697D17A84F11C13351EAEDB4494
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0273FAB94ACA4AB8849E760DD262F13
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 1A29A151C409DF0D01D65A4CC091B6C5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 6C0327E69EABEF25AEE1F9BD70E31A22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 10AE961DCEB0FCC246B1DE1D8CE067F3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
Frame ID: 1DDA0ED16E0A7E2B1E91988ED0D778E9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 045C09A43FEF4D460CA5F8F6148360F7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6A25852A9785C90564642EA19CE67CE7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: FCE79CE780036637B667C9A6C341A64F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 875D13C405E1E057D82AD32625E161DF
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: F40C8302AD61EBADAE5B808177F292B8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1649318AC1EAD1E7B988D00F5F6CCFE8
Requests: 9 HTTP requests in this frame

Frame: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Frame ID: 7310688691409803463BB17DBA951DD1
Requests: 25 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 675537982393210614571E7BA9440479
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1800.js
Frame ID: 9C139DE685C4EF943E1DCC487DDEA75A
Requests: 5 HTTP requests in this frame

Frame: https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F
Frame ID: 46C425F50A761C49EA7FD8A894929DAF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fakty.com.ua
Frame ID: 0615C3371FF77723AFCBCDEA7AC53D27
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Frame ID: 90EA0DCEE31E9131A581BD58DD8B560D
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: CB8817513E79623B1412CA726897E19F
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F20cab9ff-0a31-4bdd-aa36-158bf65b11e2.png&w=265&h=244&q=90&f=webp&rt=contain
Frame ID: C1D790B81CFFD952C3B5FC9F729AA4DD
Requests: 3 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F66c5215e-3391-40f5-b752-172bd9c82d61.png&w=346&h=314&q=90&f=webp&rt=contain
Frame ID: F77D6A2967FADC2688B6949A7239219D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Новини України - Факти ICTV. Останні новини України та світу на Факти ICTV | Факти ICTV

Page URL History Show full URLs

  1. http://fakty.com.ua/ HTTP 301
    https://fakty.com.ua/ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

346
Requests

99 %
HTTPS

0 %
IPv6

62
Domains

106
Subdomains

80
IPs

13
Countries

3513 kB
Transfer

9547 kB
Size

92
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fakty.com.ua/ HTTP 301
    https://fakty.com.ua/ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b781b695-60ef-40d2-b56d-d361b9dfc264
Request Chain 80
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=88ccb92d6f15dcb4
Request Chain 115
  • https://gaua.hit.gemius.pl/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=.YvLNtmaJHY3J5oSfbkdx5CVfFUpuiaNRfGyjVjpdx7.f7cj5MuQgY9i0bYguaa_umSlE3hIqONIBAZ6fpScmSNYaiTR/EoFuU15rr3ltr/&fpdata=ekG66y9CCcdhcJgqrbpre9l2lLdQ5LyFQxmX4b7u5IP.k7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=.YvLNtmaJHY3J5oSfbkdx5CVfFUpuiaNRfGyjVjpdx7.f7cj5MuQgY9i0bYguaa_umSlE3hIqONIBAZ6fpScmSNYaiTR/EoFuU15rr3ltr/&fpdata=ekG66y9CCcdhcJgqrbpre9l2lLdQ5LyFQxmX4b7u5IP.k7&vis=1&fpcap=
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Request Chain 176
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 178
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Request Chain 180
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 182
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Request Chain 184
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Request Chain 220
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKOJ8YQtvWskdtqpQzqDsLA&google_cver=1&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i_Sa_vm3TiWTH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i_Sa_vm3TiWTH
Request Chain 221
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGk7iFPV2t4KwqoqH-ayuIA&google_cver=1&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZSN4RTwFX7ua8Tuw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZSN4RTwFX7ua8Tuw
Request Chain 222
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Request Chain 224
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ
Request Chain 262
  • https://eu.sportradarserving.com/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D HTTP 302
  • https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Request Chain 272
  • https://6517501.fls.doubleclick.net/activityi;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F HTTP 302
  • https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F
Request Chain 273
  • https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1
Request Chain 277
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1&google_push=AYg5qPLh-riKwnF3-DMLFztt9ygJsOOPQQrp4cPoGYfwavN3CCJXZjH-2x7E5VbVP0n88o8pDwCpi3-RdmDYs7iKd3KRGlvGAO_o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5OTY1MTI4Njk1MzQ3ODQ0NQ== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1
Request Chain 279
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGk7iFPV2t4KwqoqH-ayuIA&google_cver=1&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8lt48hGXSygBq HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8lt48hGXSygBq
Request Chain 280
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc6JKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc6JKg
Request Chain 281
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEu0zTT7tBAFGkfh2gjZR04&google_cver=1&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx-jbSekDvnnHW6itTmLTm HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEu0zTT7tBAFGkfh2gjZR04&google_cver=1&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx-jbSekDvnnHW6itTmLTm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NDY1MzU0MDc1MjU4MTUyNA&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx-jbSekDvnnHW6itTmLTm
Request Chain 282
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIiAhjbkJnDDpmkwkwCOFws&google_cver=1&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIiAhjbkJnDDpmkwkwCOFws&google_cver=1&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI&google_hm=78a57c49479095fe504ac53e
Request Chain 283
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEADkKwSsukd4Bn6-YIl8inI&google_cver=1&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmghHrN3ozOxRYw9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmghHrN3ozOxRYw9
Request Chain 291
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHA7bFYUHnT5MP9EvUnABcM&google_cver=1&google_push=AYg5qPJBcSBCrKSCIdhjOLYDEwLkFMYIn3kWOp_BTZ3CyClbYFO30GS0Xeun1_6eNIYvFZpm_ZL6OguMuAIHTKl3ETh8Yseuzrtz HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHA7bFYUHnT5MP9EvUnABcM&google_cver=1&google_push=AYg5qPJBcSBCrKSCIdhjOLYDEwLkFMYIn3kWOp_BTZ3CyClbYFO30GS0Xeun1_6eNIYvFZpm_ZL6OguMuAIHTKl3ETh8Yseuzrtz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=CARd_jwATCayprZT_6CHUGF0wko
Request Chain 292
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkFeKk0weiZqQ HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a0f4b49e-dfc8-425f-8703-ddb73350e265 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a0f4b49e-dfc8-425f-8703-ddb73350e265 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=590374f9-b6f8-48ec-a2ca-e6cef7a052e2&user_group=1&ssp=google&bsw_param=a0f4b49e-dfc8-425f-8703-ddb73350e265 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkFeKk0weiZqQ&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Request Chain 293
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEES6AvOtu5SYkfRTB0rDIFI&google_cver=1&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm_IZXSmuYpa9eCdS8WG1NnvxzimA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TFBMRDktSC1FSUVL&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm_IZXSmuYpa9eCdS8WG1NnvxzimA
Request Chain 294
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH8n3RdvmFYgx7sMZoGvZ0c&google_cver=1&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c&google_gid=CAESEH8n3RdvmFYgx7sMZoGvZ0c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxMjgwMjc0NDc3ODIyMjg0NDA%3D&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c
Request Chain 295
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8 HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8&apid=UP9433b180-3470-11ec-92ef-063c950cd156 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8&apid=UP9433b180-3470-11ec-92ef-063c950cd156&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDMzYjE4MC0zNDcwLTExZWMtOTJlZi0wNjNjOTUwY2QxNTY%3D&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8
Request Chain 300
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=58a8e0ca-af7d-4a65-8ec1-df7b59093f72 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=a0f4b49e-dfc8-425f-8703-ddb73350e265

346 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fakty.com.ua/ua/
Redirect Chain
  • http://fakty.com.ua/
  • https://fakty.com.ua/ua/
473 KB
108 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccac2f702c1e526c20d5b46c2e1da43108e259972fdae17f6f14d247174af9fd

Request headers

:method
GET
:authority
fakty.com.ua
:scheme
https
:path
/ua/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
link
<https://fakty.com.ua/ua/wp-json/>; rel="https://api.w.org/" <https://fakty.com.ua/ua/wp-json/wp/v2/pages/460403>; rel="alternate"; type="application/json"
x-n
ua
x-s
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ech69334JAINK5UkcnE2yxK1Ehprx%2FlvSEyeiKV9w7PEAlJPIwaLdJygFU5%2BaV3m7QoLxWKd5DRHmjPxmFD26%2B9xD%2BgnGJgiy2KnT3oNRczCrPOy6A1%2FdpMONQ9kjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; SameSite=Lax; path=/; expires=Mon, 25-Oct-21 01:17:44 GMT; HttpOnly
server
cloudflare
cf-ray
6a2fb5e3f8594114-PRG
content-encoding
br

Redirect headers

Date
Sun, 24 Oct 2021 02:17:44 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 24 Oct 2021 03:17:44 GMT
Location
https://fakty.com.ua/ua/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoFUdYEW7LyJ%2BdXNh%2FAuMivPazpaNiraivPEVVrnYWA9PT09m72jxLyWrey4lhcNAD7ymV%2FCom7RXGardKOpCnmQC%2FAVm%2FFbGnvrj%2BMhigR6oRmNkRhxip8vTQn7ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a2fb5e3989d2790-PRG
wp-emoji-release.min.js
fakty.com.ua/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:48 GMT
server
cloudflare
age
2917120
etag
W/"61444be4-3795"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxRXqOsrIrxFQc3pw8uK67Zm8gppnqUqSKPOxVs0GwxmeLjDR8yVXZdmYvRUXz5Xj6OgKUKvRUXxZs2eXnwSxaTfrtLXjxOVMhZxwRonWbMjdQdgcmoZUuRw%2BkTiiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e508c04114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
hb_266844_811.js
player.adtcdn.com/prebidlink/454178/ 		433 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0626da885721442f9dad50e5336a6a6745e91c782f389757231726144be20e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 16:44:16 GMT
server
cloudflare
etag
W/"61704760-6c36c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLzSvDV37y%2BKicbCISScNvHjIaFWl03OO5V1fH4uZxQv%2Bz083UoHw%2BOlb4QEx68nC%2F%2Bcfym3i9ifDxgeAKZ2Ioipl%2BfdnesJOMfjhvDUootfDAIzJKHuZWeqfTPv3wtoD8xOwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
6a2fb5e56fdc97e4-FRA
expires
Sun, 24 Oct 2021 02:32:02 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
b0d247d4ae74ae4879a66a19d19b8dee5f564da1dc7fd58dacf3b9d4acb7ee65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1023 / 499 of 1000 / last-modified: 1634854038"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27203
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:17:44 GMT
wrapper_hb_266844_811.js
player.adtcdn.com/prebidlink/454178/ 		197 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.52.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cefa46043c384463da822f5ebc6994cc57a7c93912e51df3f462d21de4664a1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 20 Oct 2021 16:42:44 GMT
server
cloudflare
etag
W/"61704704-31488"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JotV88ocl4O2AglvQiiT9MFP%2FXm%2F8GPOYZVLyBnPZCxRihEa9pL0nJxeEtfH1Y5peh5ozRDh6%2FmtxNyGtFMc%2Bhd2DEOybcvUt%2BwMOPOEzKtx%2BZllxBOVLNpfgl1M9ejYTfuGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
6a2fb5e56fdd97e4-FRA
expires
Sun, 24 Oct 2021 02:30:11 GMT
OpenSans-Regular.woff
fakty.com.ua/wp-content/themes/fakty/includes/fonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/fonts/OpenSans-Regular.woff
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c57ed6b58e45d0f7b6ad13cbfc538e33cd4d877816264f53267edb8a376fbaf7

Request headers

sec-fetch-mode
cors
origin
https://fakty.com.ua
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
:path
/wp-content/themes/fakty/includes/fonts/OpenSans-Regular.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fakty.com.ua/ua/
Origin
https://fakty.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
age
2917119
etag
W/"61444bdc-107c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYJ9fFzVgoTZwByIioEF6A746fXN2Wu2FWytfYc0gSWmcFlwN0qm8QdR0jMM8Z1%2FuKmg47hTKqFgVMKmyAA5o0Nzs18cFjk7Inu5DiTtVLYJ5sgdb33MNt%2BOs%2BvtfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e548d94114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Bold.woff
fakty.com.ua/wp-content/themes/fakty/includes/fonts/ 		69 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/fonts/OpenSans-Bold.woff
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fc105d78069718d9d068382258ad0c3d44601b57e0446b2d4a69153c10f95a

Request headers

sec-fetch-mode
cors
origin
https://fakty.com.ua
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
:path
/wp-content/themes/fakty/includes/fonts/OpenSans-Bold.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fakty.com.ua/ua/
Origin
https://fakty.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
age
2917119
etag
W/"61444bdc-1122c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIn6JZLT1nOen58AfdDGFE97JtU%2FqK43C1xUmmi2qnhdtY60HlkBF%2BXmcuH%2BUoekEgQnaRrETD03CVv2M5TOOp%2Beh%2BV9OS%2FqCw2N4%2B7VUIc7YMDS9Uit49Zl8IUltw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e548da4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Italic.woff
fakty.com.ua/wp-content/themes/fakty/includes/fonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/fonts/OpenSans-Italic.woff
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175b36257911c358180606dd88c49ec593dcf1e338b02e4bcc7447324c462287

Request headers

sec-fetch-mode
cors
origin
https://fakty.com.ua
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
:path
/wp-content/themes/fakty/includes/fonts/OpenSans-Italic.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fakty.com.ua/ua/
Origin
https://fakty.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
age
2917119
etag
W/"61444bdc-12948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFM7kuzQigok0aNmE2MxIjvnTvaWOta7VG7PIKyqJHxRzfy5jyU%2Fm0W5PkfIhbCGzok5GD899rxMRDU%2BCyf0L0JDTUWBTOQ3g7zO9mIp6w29U4x1DZ%2BgoPkHdErYAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e548db4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
fakty_font.woff
fakty.com.ua/wp-content/themes/fakty/includes/fonts/ 		5 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/fonts/fakty_font.woff
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925d8e4829911802e13411398ed6334e03ca9924f4158b3fee50f22ada2435a9

Request headers

sec-fetch-mode
cors
origin
https://fakty.com.ua
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
:path
/wp-content/themes/fakty/includes/fonts/fakty_font.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://fakty.com.ua/ua/
Origin
https://fakty.com.ua
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
age
2917119
etag
W/"61444bdc-1520"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBLnK1uaO6EH%2FStnIroqj6t%2FIJLJjjKgspUFiEACtIwdp%2BTc3og6MKiZTpDTPRkHOf5cYdzwEttqOld%2FqyxKHQquz%2B7LG5dB7zoL6EtFdxnMlc%2FiBExcp5c508EvpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e548dc4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
VQQFD6QvyvUn
cdn.onthe.io/io.js/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.100.57 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
48612cad75fed1f907a2bccdb83d59143fb4cdcc0573ab9cb13794ee75ed3b1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 06:59:52 GMT
Server
nginx
ETag
W/"60ebe868-dd31"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Mon, 25 Oct 2021 02:17:44 GMT
gtm.js
www.googletagmanager.com/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMS7G77
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
24fb2979cfc748bb773811ebee27a58179c6545ca5d8dc0c910012aa6b2dd4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
52681
x-xss-protection
0
last-modified
Sun, 24 Oct 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Oct 2021 02:17:44 GMT
truncated
/ 		569 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e17c7231cf6dcf47374f5e5cb6c55e0025515edfbbf56bb6be0ccab2ac10195d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
xgemius.js
gaua.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 18:01:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Sun, 24 Oct 2021 14:17:44 GMT
truncated
/ 		429 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
137eab86e81c1a847b267ccf9cc5d494b5509ac2b7280a37fad2c2344d6ed4e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
940abe56741c1ecbbb678058b3eec65c46a1af7eb521d60ab4f442f667f770a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		429 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b8670df66d3b6f56eaa065c5b0c6a6feb3de324603390466e578b952f9694c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		429 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb1bc5422b1cedef4c3e85ee5fd579d2158aa4e7d80408a71478a1bde500495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		428 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93c01253619df4239803acb12fac8222cbae300a3ea448824f71ed6ffa2153cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
socicons.png
fakty.com.ua/wp-content/themes/fakty/includes/css/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/css/images/socicons.png
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6de4b9d9a3597e46d4f45e97bc642870c22c58fbb93bf8113061e294c2d3281

Request headers

:path
/wp-content/themes/fakty/includes/css/images/socicons.png
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2103190
cf-polished
origFmt=png, origSize=6942
content-disposition
inline; filename="socicons.webp"
content-length
4586
last-modified
Tue, 28 Sep 2021 07:12:35 GMT
server
cloudflare
etag
"6152c063-1b1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMkulbn2T%2BZL18ccD0sX%2Br1dGl0elfTr0Hd9HWK2XEQMUZXQE43seZjWavJvJCU1x%2B6yHSsYQSLUCCrY7yNHD%2BRibTBntgXa76Nin%2BFSQ42sSiN2nTI8apGB%2F735xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e578eb4114-PRG
cf-bgj
imgq:85,h2pri
truncated
/ 		745 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43aa2768d2495c513fb28d9158d9c5ab43bc76ebcf6fbb632ffa0db5d44d52e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afdcffb3e87480247681350cc3bd1508855fe6b93b258d08c661ce859dba19e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c3a161446058805a30cfb13f01db1ea804e2ab2fe686fe210a8dd288f172b33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f66b3508cf085755fa51cda4a81d51b46fe3a9263373a373eae1f7f1d874265f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35587e58d0250f998de657484b0d62897ffbd79180a540b28b4cf55f8952b384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccacbfe53d43c2c184aff80396600f362d4ec11d5bb01793454528e20abb3dfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		429 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae66afab10a5bc2275f2a4539d9d18a8e6be500eb144395542f8ea4dfd5ac717

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
quote.svg
fakty.com.ua/wp-content/themes/fakty/includes/css/images/svg/ 		685 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/css/images/svg/quote.svg
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a4949a825ceaed406ce169a352e2094693d08af30a1c70d0831f6ddd234144

Request headers

:path
/wp-content/themes/fakty/includes/css/images/svg/quote.svg
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
age
2914864
etag
W/"61444bdc-2ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dyt2EWlWr2EBxVCoWvqOpB2NWrLYejDdtp0pjbLOPqYVbtasyYOJwslm1%2B1iRDyjGTm75TID%2B0Gbd0WwYnyB43qfHY%2BB4765D1Jb8WdZ80NzL2FZAuYzisTchRLYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e5b8fe4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
fakty.com.ua/wp-content/plugins/error-content/assets/css/ 		26 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/plugins/error-content/assets/css/main.css?ver=1.0.4
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40ff0a02cd9444f106d1e169af6bbfe22a809265e884c4b5b4333598fa4a35a

Request headers

:path
/wp-content/plugins/error-content/assets/css/main.css?ver=1.0.4
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2227761
cf-bgj
minify
last-modified
Tue, 28 Sep 2021 07:11:32 GMT
server
cloudflare
etag
W/"6152c024-547b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0ydqxZ7J3GD%2BAFreGPnXe%2Fk1I912JXw0fLsHJRbpUCb7SwEj2C7R04Xp2NjXafCKMBkKbMAhQyMEPOrfVqcpCsChhdl8doxNoZpfUATJo2bbFYQUsrJShe6j1wtow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6a2fb5e5d9084114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
fakty.com.ua/wp-content/themes/fakty/includes/css/ 		70 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/css/style.css?ver=1.8
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ef079c94a840d6e100bd22232ded59896fb886466cce136fe70dac22218e56

Request headers

:path
/wp-content/themes/fakty/includes/css/style.css?ver=1.8
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2917117
cf-polished
origSize=91274
cf-bgj
minify
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
etag
W/"61444bdc-1648a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bbKVVrCTAEgPncdUGp8n7ErAhEadaHm9nvefQ03wk0lWOUJl%2BCZw4x0dXznfEGOQQwsdbjECvnQdojwIurqs8f88uHGcAxnFwB3DXzZKbOL0aIF7cDERzgZnPiqiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6a2fb5e5d90a4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
mobile-style.css
fakty.com.ua/wp-content/themes/fakty/includes/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/css/mobile-style.css?ver=1.1.1
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c53129e26a81aafcc2c745c314f0ab43431110abe73bb583a1023d9c7d97ee

Request headers

:path
/wp-content/themes/fakty/includes/css/mobile-style.css?ver=1.1.1
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2917117
cf-polished
origSize=7880
cf-bgj
minify
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
etag
W/"61444bdc-1ec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVw6AoWOcPsfPrmQ7O3KhssmE3Fej3Bj7counswF%2Bi0lDgh5LDhduVnVsBCZzx8d9e1oYOU6Ituohmz7A2s6X0WoDqMmgZ1oFBskiZBPjBHdsM5pdyBINef6%2FybByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6a2fb5e5d90c4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.js
fakty.com.ua/wp-content/themes/fakty/dist/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/themes/fakty/dist/js/index.js?ver=1.0.5
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11dd5b4a7a0d93c9a1611f1477670754410a8301ff16ca4c7ce0c6931062d739

Request headers

:path
/wp-content/themes/fakty/dist/js/index.js?ver=1.0.5
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2917114
cf-bgj
minify
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
etag
W/"61444bdc-4211"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPbO5kpvF7bUdnDM0DNFRwLSjLKZKUHfjXjp%2FwWo5PNTFa1%2Fp7RPQNs70jVCUDCQmvUTqyA60Jd7u%2BVoMQII21xr98FgIkDGmC2D06Xr9UrItRrRJM012Y2%2FJ3I%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6a2fb5e5d90d4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
fakty.com.ua/wp-includes/js/ 		1 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.6.2
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 17 Sep 2021 08:03:48 GMT
server
cloudflare
age
2917113
etag
W/"61444be4-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LQDfpwvcCSi%2B2gfuEVwTk0hRvp2jZ%2FtSbJFFSey7dT0xxsjuq4g%2BZmDeatWRqrwpGoEND9aKfAM8bN3P%2BmS6ZX4sAdePgLgcb6yzg2K32H5kQgHEvn9fIbRRMPVGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a2fb5e5d90e4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
democracy.js
fakty.com.ua/wp-content/plugins/democracy-poll/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/plugins/democracy-poll/js/democracy.js?ver=5.6.0
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cca61a27e34b923a685d1b6f4ebef8aa335dc818810ead3b06241c55019dc

Request headers

:path
/wp-content/plugins/democracy-poll/js/democracy.js?ver=5.6.0
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2712993
cf-polished
origSize=19811
cf-bgj
minify
last-modified
Wed, 22 Sep 2021 09:20:53 GMT
server
cloudflare
etag
W/"614af575-4d63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SINB8d2SD5dV9NE2EH0hhzz6I%2FIwrX%2BgKZQucH326fA4HtiE8EEgtMTNhYPzkwatnRas5q7467GG%2BXOOs8Gigr3qP2d%2FXyTkUiSCMSMp5SMCToS%2B3v0VMtr4elz0zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6a2fb5e5d90f4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
fakty.com.ua/wp-content/plugins/error-content/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-content/plugins/error-content/assets/js/main.js?ver=1.0.2
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a9957b32061f7444e7f79aa46c9ea6340a24ee75a2e1394b711243342a3a341

Request headers

:path
/wp-content/plugins/error-content/assets/js/main.js?ver=1.0.2
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2915202
cf-polished
origSize=3508
cf-bgj
minify
last-modified
Fri, 17 Sep 2021 08:02:33 GMT
server
cloudflare
etag
W/"61444b99-db4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22pqF2%2B97%2FRfyN%2F2%2BxjXy37ULqpSh9IIXfg49N0uckcDP6OSWngLWCQAIIVTo5h2ridme9CAUubUlRWxeNanqu46r3uYMGfBq2Zl1dyZ12dLwKTf6qkScvfiIPm0SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6a2fb5e5d9104114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
atpns.core.js
player.adtelligent.com/atpns/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/atpns/atpns.core.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e2141eb0bb1516ca29f17d5e3876bafa9290fcabd9ecd78fd37e6f3e30cf640

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
last-modified
Thu, 18 Feb 2021 13:48:06 GMT
server
nginx
etag
W/"602e7016-5333"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 24 Oct 2021 03:17:44 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
dfpload.js
fakty.com.ua/ 		17 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/dfpload.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee953041ca087b42d712c72f6895e177c950b55f49696d2e487fab4dcb2bc1f9

Request headers

:path
/dfpload.js
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2917117
cf-polished
origSize=19
content-length
17
last-modified
Fri, 17 Sep 2021 08:03:22 GMT
server
cloudflare
etag
"61444bca-13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZq51dO9OYisXRoMqMelRaG9pWXxeF2oyHYpJRoqDloG9ws1UnkQeHoYUW9KMxLZhTmx7SO3kUslQl5zwlv1RiMg%2BcyqRVfAbiXfcrga%2BJOwV%2F8J3wFPnBb0oCgJdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e5d9114114-PRG
cf-bgj
minify
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9887fe8b9ac67af8b71caa06db396f1f1caae9c6f98232e2086706845049ca92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccfa34fd29bea66df46e991f74e4a9953a98217d43e1d123daf9b56b86a440fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37a1b3c43465df241f9064360000fe9ef4d1f9541e1e669f021fcfc21a910731

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8cec3103446c6f06e3d6085d196e626357a40bd3df47ef7cbb20c158d71b940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		21 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f40891c6cbf0816c7e00d412cdce2a0fd8c0fdd4cfbbd230289d8f04f4449f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c84c4aad06938ac68ac600fd49f8aabab04dd2d01c709ce5a60e1c6032dfa709

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42093:uniques_instantly[language:uk,page_type:default,domain:fakty.com.ua,url:%2F,page:%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D0%B2%D1%96%D1%82%D1%83,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36,device:desktop,browser_version:Chrome%2093,browser:Chrome,depth:1,user_type:new,user_id:3d9660d91.124e71932_1635041864650,session_id:a02d811fe.f742d88a4_1635041864652,cdn_version:24]&s=49834b49912a3e9ce336c729aff3d229&1635041864657
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/uniques/ 		33 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/uniques/?current=24&holding=d51792b4d5f7e5523e2fa6df873e8051&hash_user=3d9660d91.124e71932_1635041864650&1635041864658
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42093:visits_instantly[language:uk,page_type:default,domain:fakty.com.ua,url:%2F,page:%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D0%B2%D1%96%D1%82%D1%83,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36,device:desktop,browser_version:Chrome%2093,browser:Chrome,depth:1,user_type:new,user_id:3d9660d91.124e71932_1635041864650,session_id:a02d811fe.f742d88a4_1635041864652,cdn_version:24]&s=49834b49912a3e9ce336c729aff3d229&__io=3d9660d91.124e71932_1635041864650&1635041864661
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42093:pageviews[language:uk,page_type:default,domain:fakty.com.ua,url:%2F,page:%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%81%D0%B2%D1%96%D1%82%D1%83,url_real:%2Fua%2F,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36,device:desktop,browser_version:Chrome%2093,browser:Chrome,depth:1,user_type:new,user_id:3d9660d91.124e71932_1635041864650,session_id:a02d811fe.f742d88a4_1635041864652,cdn_version:24]&s=49834b49912a3e9ce336c729aff3d229&1635041864664
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pubads_impl_2021101901.js
securepubads.g.doubleclick.net/gpt/ 		362 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
125444
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:17:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fakty.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
3b52c9db89bb8a1b78a56df8f5eba21c9bea0c014413438838e633d096e7cdf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
68
x-xss-protection
0
expires
Sun, 24 Oct 2021 02:17:44 GMT
/
ghb.adtelligent.com/geo/ 		134 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
dc4a12ed222a82c9d2b9e9e401100fec3a670f5cca303a719e59715717a349b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://fakty.com.ua
Date
Sun, 24 Oct 2021 02:17:44 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
134
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ 		43 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=266844&site_id=811&full_page_url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&adid=4lpl2p.cq&vpbv=0859&lifecycle_tte=523
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://fakty.com.ua
Date
Sun, 24 Oct 2021 02:17:44 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
js
www.googletagmanager.com/gtag/ 		124 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMS7G77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
89b61f2b45421e297191f5ad8b81f24734f48f4567f18ea803932377dc79e880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
49480
x-xss-protection
0
expires
Sun, 24 Oct 2021 02:17:44 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMS7G77
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
998
date
Sun, 24 Oct 2021 02:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sun, 24 Oct 2021 04:01:06 GMT
fpdata.js
gaua.hit.gemius.pl/ 		281 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=fakty.com.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
47259a5cc6573ccaa3b8de3661b0d208d3b97f84df65181d1d7315059ff2dcc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
281
expires
Tue, 23 Nov 2021 02:17:44 GMT
loader.gif
fakty.com.ua/wp-content/themes/fakty/includes/img/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/themes/fakty/includes/img/loader.gif
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/wp-content/themes/fakty/includes/css/style.css?ver=1.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb7d6ebb3fb3d20844a664ea7b23d15d735c4ef47986411b2b41b0bb062d970

Request headers

:path
/wp-content/themes/fakty/includes/img/loader.gif
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/wp-content/themes/fakty/includes/css/style.css?ver=1.8
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/wp-content/themes/fakty/includes/css/style.css?ver=1.8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2914864
cf-polished
origFmt=gif, origSize=45668
content-disposition
inline; filename="loader.webp"
content-length
31064
last-modified
Fri, 17 Sep 2021 08:03:40 GMT
server
cloudflare
etag
"61444bdc-b264"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P00R%2FNHHH6AUsHZHQzqUeoFU%2FfboavNG6NLUsn9DpfU5ZZCm64x8LERvZIxtXt2C3%2Bt5HGKUyk6S42rEqQ%2FeNXb3QqiCelUzXv8Yy8XPhEE%2BHgmMudVrw1I1G2QM5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e6f9734114-PRG
cf-bgj
imgq:85,h2pri
lsget.html
ls.hit.gemius.pl/ Frame EDC3 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash
67aa91bbd25022bf061faeb2b19c3329319d4507d0e194cfdac422834326ba0b

Request headers

:method
GET
:authority
ls.hit.gemius.pl
:scheme
https
:path
/lsget.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Tue, 23 Nov 2021 02:17:44 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2710
content-encoding
gzip
gsconf.js
gaua.hit.gemius.pl/ 		67 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/gsconf.js?gst=parent&href=fakty.com.ua&gsver=323&v=454180
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
last-modified
Thu, 21 Oct 2021 18:01:32 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
67
expires
Sun, 24 Oct 2021 06:17:44 GMT
config.json
files.adtelligent.com/push/46/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://files.adtelligent.com/push/46/config.json?d=https://fakty.com.ua&t=454179
Protocol
H2
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin
Origin
https://fakty.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-type
application/json; charset=UTF-8
server
nginx/1.18.0
access-control-allow-headers
Access-Control-Allow-Origin
access-control-allow-methods
POST, DELETE, GET, HEAD, PUT, PATCH, OPTIONS
access-control-allow-credentials
true
access-control-max-age
86400
access-control-expose-headers
X-Pagination-Current-Page, X-Pagination-Page-Count, X-Pagination-Per-Page, X-Pagination-Total-Count, Rl-Message-Link, X-Entity-Hash-Header, X-Job-Code
allow
GET, POST, HEAD, DELETE, PUT, OPTIONS, PATCH
content-encoding
gzip
expires
Tue, 26 Oct 2021 02:17:44 GMT
cache-control
max-age=172800
access-control-allow-origin
https://fakty.com.ua
sdk.js
api-esp-eu.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
142007
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 26 Aug 2021 14:26:57 GMT
server
cloudflare
etag
W/"1bbec-17b82db5368"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e77b0b411a-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:44 GMT
config.json
files.adtelligent.com/push/46/ 		297 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://files.adtelligent.com/push/46/config.json?d=https://fakty.com.ua&t=454179
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/atpns/atpns.core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c62b5a0536bfb81b392290d8372aae6ae5ab46a82523fb4f5af3f080ed4a3042

Request headers

Access-Control-Allow-Origin
https://fakty.com.ua
Accept
application/json
Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
last-modified
Wed, 04 Mar 2020 14:25:57 GMT
server
nginx/1.18.0
etag
W/"5e5fba75-129"
content-type
application/json
access-control-allow-origin
https://fakty.com.ua
expires
Tue, 26 Oct 2021 02:17:44 GMT
cache-control
max-age=172800
access-control-allow-credentials
true
content-disposition
inline; filename="config.json"
x-proxy-cache
HIT
jquery.js
fakty.com.ua/wp-includes/js/jquery/ 		141 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fakty.com.ua/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/wp-content/plugins/democracy-poll/js/democracy.js?ver=5.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05fa972f5c0bd604a872f2e743efd5b7a0b4572f992db1f36fcb66ee91f674d

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=3.5.1
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2914423
cf-polished
origSize=287650
cf-bgj
minify
last-modified
Fri, 17 Sep 2021 08:03:14 GMT
server
cloudflare
etag
W/"61444bc2-463a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wy9z1DeNlG%2BiUF9ydixOE1HglmGyCCOaPolvHI1DkGT%2Bs24wKf8Pej89sKvlaCKRdyG5HBdAeq0JNoHzfIGE%2FMBzoPjh1FNd1k%2F4YyFuxeugJhJna0YQTf7U%2B0mpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6a2fb5e7197f4114-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
Bez-ymeny-1-640x360.jpg
fakty.com.ua/wp-content/uploads/2021/03/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2021/03/02/Bez-ymeny-1-640x360.jpg
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4d457f1a450b38779b8e2e0f6609e61187e82a59d12b37e059da129b2e9a11

Request headers

:path
/wp-content/uploads/2021/03/02/Bez-ymeny-1-640x360.jpg
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25346
cf-polished
qual=85, origFmt=jpeg, origSize=42981
content-disposition
inline; filename="Bez-ymeny-1-640x360.webp"
content-length
18282
last-modified
Tue, 02 Mar 2021 10:11:58 GMT
server
cloudflare
etag
"603e0f6e-a7e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V220JqbO4ygCdhyvoWedGR4wQlrB1M27jcgaDAYCQqIeETqzoDlBefKT8bLdmwy2hi5gaqkCtfJuP%2B0%2Bj%2F%2B2qGL%2BBUxIbqhBukQxhgEoXH7NVMO15qdtMybyVj3lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e729874114-PRG
cf-bgj
imgq:85,h2pri
Novyi-proekt-1-22.png
fakty.com.ua/wp-content/uploads/sites/3/2021/10/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/sites/3/2021/10/Novyi-proekt-1-22.png
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626705ba798b4ae6d7d952af7fd1152d31e199831419725a06f7cec28bd9bcc6

Request headers

:path
/wp-content/uploads/sites/3/2021/10/Novyi-proekt-1-22.png
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22880
cf-polished
origFmt=png, origSize=412687
content-disposition
inline; filename="Novyi-proekt-1-22.webp"
content-length
226522
last-modified
Sat, 23 Oct 2021 18:40:53 GMT
server
cloudflare
etag
"61745735-64c0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xO4IMQfpWf%2F5dNSasLm3xHPcMmDwn2oCQeME8dZAL%2BXJbx6DY%2B%2B%2B9SOiZXooBQmDEAj8GisfAmKO%2F55gbagmZnLA3WviaBUKD3VbB5pFKzGNtpLvrq8PIWs2pImsNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e729884114-PRG
cf-bgj
imgq:85,h2pri
likari-200x113.jpg
fakty.com.ua/wp-content/uploads/2021/10/23/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2021/10/23/likari-200x113.jpg
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbebae5dc212002d898f50978953845ffb983669b5b5907a82bef9b941dd2e2b

Request headers

:path
/wp-content/uploads/2021/10/23/likari-200x113.jpg
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30798
cf-polished
qual=85, origFmt=jpeg, origSize=6269
content-disposition
inline; filename="likari-200x113.webp"
content-length
5488
last-modified
Sat, 23 Oct 2021 17:19:12 GMT
server
cloudflare
etag
"61744410-187d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofM39vRe9MKjmKqFOOYIWgXnzVOE1tSWIU3T%2BQUG2oXuCkxECVvj%2BbSgDft6OJf7iV8sSWn%2BlNVGCPoGpU1pIf9c6CmjokoYDb1szXsflxsUXrvz05mw7GwQbG5GZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e729894114-PRG
cf-bgj
imgq:85,h2pri
dety-200x113.jpg
fakty.com.ua/wp-content/uploads/2021/10/23/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2021/10/23/dety-200x113.jpg
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
096fa4d45463023260fe61bceffa036948e6ebba3977796f8839cc7c2b832119

Request headers

:path
/wp-content/uploads/2021/10/23/dety-200x113.jpg
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56222
cf-polished
qual=85, origFmt=jpeg, origSize=5855
content-disposition
inline; filename="dety-200x113.webp"
content-length
5080
last-modified
Sat, 23 Oct 2021 10:37:20 GMT
server
cloudflare
etag
"6173e5e0-16df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opqBXiGEo9hN%2BO4jMeIcKo7FfsQtXNBXupx%2F6Qvxx%2Bj76JpRW%2BriCHqg1k%2FRwskF07rKqlWW3YWQR7zNVOinjqWrY14f1Aib5W6GHjNcMrWdaEOo%2Fry13lqUS1%2Bbgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e7298a4114-PRG
cf-bgj
imgq:85,h2pri
Screenshot_1-142x80.png
fakty.com.ua/wp-content/uploads/2021/10/21/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2021/10/21/Screenshot_1-142x80.png
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d414a1ce754144604835daa39953420e2b4e3505c15d04421987c9150c4b1b7

Request headers

:path
/wp-content/uploads/2021/10/21/Screenshot_1-142x80.png
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
218843
cf-polished
origFmt=png, origSize=21329
content-disposition
inline; filename="Screenshot_1-142x80.webp"
content-length
15070
last-modified
Thu, 21 Oct 2021 12:57:48 GMT
server
cloudflare
etag
"617163cc-5351"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIwn%2B9EUOXZRrnPqG1aUp5%2B2W%2B4hUNSu5bW7JeNflsJj437yPc9euKe%2FvZNdzkTVeHarHEGqz5wFIJ704a%2BjCtlpvjtySuXDMFu2x5vpaI%2F%2F3ETvYSEdKyq%2FKUaNTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e7298b4114-PRG
cf-bgj
imgq:85,h2pri
Dmytro-Medvedyev.png
fakty.com.ua/wp-content/uploads/2019/07/28/ 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2019/07/28/Dmytro-Medvedyev.png
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e08d9b65a63560af55ec12fbaa42b45edcb394ef34728e8d7a120410ca49f5

Request headers

:path
/wp-content/uploads/2019/07/28/Dmytro-Medvedyev.png
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289679
cf-polished
origFmt=png, origSize=455100
content-disposition
inline; filename="Dmytro-Medvedyev.webp"
content-length
207040
last-modified
Sun, 28 Jul 2019 13:51:55 GMT
server
cloudflare
etag
"5d3da87b-6f1bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG%2FVsij1wW9GcpsAwRzcKbwuum6%2BUfzB4PUlHQk8xdM7L38C3mTJKWxIcY%2B0GjDHb9TIeAY1CfZyaguJqA1YO6E7bRpjbWY67YXsmzaA7o5d%2BZ9n9vBjT1qii5ZyrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e7298c4114-PRG
cf-bgj
imgq:85,h2pri
640-1-142x80.jpg
fakty.com.ua/wp-content/uploads/2021/10/19/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakty.com.ua/wp-content/uploads/2021/10/19/640-1-142x80.jpg
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32984b7f223018118636c9e716d5bf8dda69321efbd8f7fe82a5d3b71e018659

Request headers

:path
/wp-content/uploads/2021/10/19/640-1-142x80.jpg
pragma
no-cache
cookie
__cflb=02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG; __io_d=1_3813806733; __io_lv=1635041864650; __io=3d9660d91.124e71932_1635041864650; __io_session_id=a02d811fe.f742d88a4_1635041864652; __io_nav_state42093=%7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D; __io_unique_42093=24; __io_uh=1; __io_visit_42093=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fakty.com.ua
referer
https://fakty.com.ua/ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
319384
cf-polished
degrade=85, origSize=5175, status=webp_bigger
content-length
4147
last-modified
Tue, 19 Oct 2021 09:08:46 GMT
server
cloudflare
etag
"616e8b1e-1437"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL2VD%2BsrM37JDeaWWqCQ6WK5i%2FKSO7Tui7v4iTYbUZbYdjJyd0YtFeLsu6BX5nTHzNdi2ecre3TeD7xyHLovcrB%2BUJI%2FOoiJSXgPNs56YgcKdHeIppsRVJ14sV1iSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6a2fb5e7298d4114-PRG
cf-bgj
imgq:85,h2pri
config.json
player.adtelligent.com/exchange_rates/279944/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279944/config.json?cb=https%3A%2F%2Ffakty.com.ua%2Fua%2F
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
aa0dd773a849e0fc56e929a2a62fb8803a6f1d8188cdc120dc5a31577545c239

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
last-modified
Sun, 24 Oct 2021 00:02:06 GMT
server
nginx/1.18.0
etag
W/"6174a27e-8fb"
content-type
application/json
access-control-allow-origin
https://fakty.com.ua
expires
Sun, 24 Oct 2021 03:17:44 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
csyncs
ghb.adtelligent.com/ 		730 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/csyncs?aid1=378200&aid2=378201&aid3=443025&aid4=467848&aid5=587777&aid6=607661&aid7=undefined
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e17748d26dabd3324d4ed2895bfb03a963b3e20bbc5e9517848b927b08703dab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:44 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://fakty.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
350
publisher:getClientId
ampcid.google.com/v1/ 		74 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
716 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fakty.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fakty.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		981 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3999302759092812&correlator=387273605049857&output=ldjh&impl=fifs&eid=31063267&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=58302844%2CSLDS_Fakty_Interstitials&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cust_params=fakty41803%3Dfe91274d1fdece52f27b20eb85550936%26fakty_com_ua%3Dfakty.com.ua%26url%3Dfe91274d1fdece52f27b20eb85550936&cookie_enabled=1&bc=31&abxe=1&lmt=1635041864&dt=1635041864873&dlt=1635041864441&idt=387&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3691027390&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=437685793.1635041865&ga_sid=1635041865&ga_hid=822090561&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
8a846ba3e7530759c31b4c592a64289dcb316ac08356c642351ff5260aab980f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
539
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3999302759092812&correlator=184924769605762&output=ldjh&impl=fifs&eid=31063267&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=58302844%2CSLDS_FakTy_Paragraph_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=fakty41803%3Dfe91274d1fdece52f27b20eb85550936%26fakty_com_ua%3Dfakty.com.ua%26url%3Dfe91274d1fdece52f27b20eb85550936&cookie_enabled=1&bc=31&abxe=1&lmt=1635041864&dt=1635041864877&dlt=1635041864441&idt=387&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3870140379&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=437685793.1635041865&ga_sid=1635041865&ga_hid=822090561&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
13e384a6942116c7a801b79705c199a05bf9b2bd3cae60eb5c8381fe3d5f9952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10572
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3999302759092812&correlator=181617034940368&output=ldjh&impl=fifs&eid=31063267&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=58302844%2CSLDS_FakTy_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2000x1300&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=fakty41803%3Dfe91274d1fdece52f27b20eb85550936%26fakty_com_ua%3Dfakty.com.ua%26url%3Dfe91274d1fdece52f27b20eb85550936&cookie_enabled=1&bc=31&abxe=1&lmt=1635041864&dt=1635041864879&dlt=1635041864441&idt=387&frm=20&biw=1600&bih=1200&oid=2&adxs=-200&adys=48&adks=781934029&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x8365&msz=2000x-1&ga_vid=437685793.1635041865&ga_sid=1635041865&ga_hid=822090561&ga_fc=false&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
87bdcffbd289226bb4f47d403ed04d13a622f9b78381ee7dfcff9860c5d96c82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8572 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Mon, 24 Oct 2022 02:17:44 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
pubads_impl_page_level_ads_2021101901.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021101901.js?cb=31063267
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
2b5904a7e5230fbe1aa1b0e41f533d6f370377bfdb413bbbd903084d20446d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13557
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Oct 2021 02:17:44 GMT
collect
analytics.google.com/g/ 		0
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-57RZ078QNH&gtm=2oeak0&_p=822090561&sr=1600x1200&_gaz=1&ul=en-us&cid=437685793.1635041865&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sid=1635041864&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
316 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-57RZ078QNH&cid=437685793.1635041865&gtm=2oeak0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-57RZ078QNH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-57RZ078QNH&cid=437685793.1635041865&gtm=2oeak0&aip=1&z=2003129466
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set csync
sync.adtelligent.com/ Frame 29D8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b781b695-60ef-40d2-b56d-d361b9dfc264
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b781b695-60ef-40d2-b56d-d361b9dfc264
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
sync.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fakty.com.ua/
Accept-Encoding
gzip, deflate, br
Cookie
vmuid=88ccb92d6f15dcb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

Server
VertaMedia 1.0
Date
Sun, 24 Oct 2021 02:17:44 GMT
Content-Length
0
Etag
88ccb92d6f15dcb4
Set-Cookie
vmuid=88ccb92d6f15dcb4; expires=Sat, 25 Dec 2021 02:17:45 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a319130=b781b695-60ef-40d2-b56d-d361b9dfc264; expires=Sat, 25 Dec 2021 02:17:45 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

set-cookie
viewer_token=b781b695-60ef-40d2-b56d-d361b9dfc264; path=/; domain=csync.loopme.me; Expires=Wed, 24-Nov-2021 02:17:44 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=b781b695-60ef-40d2-b56d-d361b9dfc264
content-length
0
date
Sun, 24 Oct 2021 02:17:44 GMT
server
_
1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain
  • https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
  • https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=88ccb92d6f15dcb4
35 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=88ccb92d6f15dcb4
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
server
nginx
content-type
image/gif
content-length
35
p3p
CP="NON DSP COR CURa TIA"

Redirect headers

Location
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=88ccb92d6f15dcb4
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
VertaMedia 1.0
Etag
88ccb92d6f15dcb4
Content-Length
0
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.16 Zvenigorod, Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
110
x-xss-protection
1; mode=block
expires
-1
localstore.js
script.4dex.io/ 		483 B
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
497718
x-amz-request-id
txa9f7a43a20cf4c4c9390f-00616d2a11
x-amz-id-2
txa9f7a43a20cf4c4c9390f-00616d2a11
last-modified
Mon, 18 Oct 2021 08:01:51 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPG%2FM2v%2Bmu3sTjvUXcszcjDzBOdXCQKnjj0FAC0uR0DItQ4aSS%2FdP2LLOH%2FspJeLRSzc1SY69gYknPJTZnS18FQfu5cT73e1JxcEZYa6v4y8YBmMiQ2%2FDMdGku4iDCLe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1634544111259554
cf-ray
6a2fb5e7f80d4125-PRG
adjson
ads.betweendigital.com/ 		2 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cygnus
htlb.casalemedia.com/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2214a1c2d4d04bc45%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221500805d1627c1e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2217d7c1d939d7d0f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22240x400%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%222052443eaaf1c16%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22212c1325c87d098%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85d66463d4ed9c67e5bef34b2c3f376e6f1bc8a139d5ba0c1dc28380d58efc45

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.84], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://fakty.com.ua
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4345
x-ak-client-geo
12
expires
Sun, 24 Oct 2021 02:17:45 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=15&alt_size_ids=10&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=3f141555-ee0f-488f-a485-347922a75221&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8707221763399922
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
943a3f4e9fd8c30a6934f50ac24d6d0f69b5e8abee523e7e289007e8cbb04617

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=15&alt_size_ids=10%2C17&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=3c7e7122-555f-481a-8355-07d374ac1bfa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21190025622796682
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
dc7ecaf83ccc6c1ebe365230c3b8b0fc5ef4890d3f1257fbe3e2508f8176e6f0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=15&alt_size_ids=10%2C17&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=9e6ab64b-890c-4264-80a0-60d32ced1b6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9667447952749342
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
afcc0ff8eaabe3ed345b299d2dce33ad3e80ab424fa7f9d85f66805aceb44295

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=15&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=8f2cc96d-a2bc-4617-8c09-e23d73cf0180&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13358222108512918
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
88dfabf2b422562f5dcf638853e845fbd93986987801f306ebc77b5b3039a43d

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=2&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=f1eaa428-0f83-4d46-9905-6e56615a7d0c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18778358649450833
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5605fccff2c5ff900748d0cc33f71e5c26f94073c4a3bb1bf0e3f93a91341054

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767316&size_id=43&rp_schain=1.0,1!adtelligent.com,266844,1,,,&eid_pubcid.org=7ac91499-c646-473b-a46d-4b5bd8dfe319%5E1&rf=https%3A%2F%2Ffakty.com.ua%2Fua%2F&tk_flint=pbjs_lite_v5.18.0-pre&x_source.tid=e4946fde-49ba-4f93-b920-25dbc1514f65&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7010757059954147
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6b94a938052d44e3567da9deb8373178db02476071be416ca6ff6c9ad116a739

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
dmx.districtm.io/b/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://fakty.com.ua
access-control-allow-credentials
true
cf-ray
6a2fb5e86bf1410d-PRG
access-control-allow-headers
Content-Type, Origin
prebid
mp.4dex.io/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605e87af7a2de7c026d0ddbab42bcfc856e3602a7e92b6455c4aeaa2646e1a9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-warn
Validating the Prebid Request adunit sizes. 3 unsupported banner sizes for adUnit: div-gpt-ad-1472565425637-2, Validating the Prebid Request adunit sizes. 3 unsupported banner sizes for adUnit: div-gpt-ad-1588771284780-0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
strict-transport-security
max-age=63072000
cf-ray
6a2fb5e83a384120-PRG
server
cloudflare
expires
0
c
prebid.a-mo.net/a/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Sun, 24 Oct 2021 02:17:44 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://fakty.com.ua
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ 		523 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
3da74baac32c7503f8a14a42065a7668189032e3bc71bc508e75174b2f5d603d

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:17:44 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://fakty.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
233
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:44 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
arj
adtelligent-d.openx.net/w/1.0/ 		172 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3f141555-ee0f-488f-a485-347922a75221%2C3c7e7122-555f-481a-8355-07d374ac1bfa%2C9e6ab64b-890c-4264-80a0-60d32ced1b6f%2C8f2cc96d-a2bc-4617-8c09-e23d73cf0180%2Cf1eaa428-0f83-4d46-9905-6e56615a7d0c%2Ce4946fde-49ba-4f93-b920-25dbc1514f65&nocache=1635041864961&pubcid=7ac91499-c646-473b-a46d-4b5bd8dfe319&schain=1.0%2C1!adtelligent.com%2C266844%2C1%2C%2C%2C&aus=300x250%2C300x600%7C300x250%2C240x600%2C300x600%2C240x400%2C240x350%7C300x250%2C240x400%2C240x350%2C300x600%2C240x600%7C300x250%7C728x90%7C320x50&divids=div-gpt-ad-1472565425637-1%2Cdiv-gpt-ad-1472565425637-2%2Cdiv-gpt-ad-1588771284780-0%2Cdiv-gpt-ad-1576063607518-0%2Cdiv-gpt-ad-1504525694340-0%2Cdiv-gpt-ad-1577092637085-0&aucs=%2C%2C%2C%2C%2C&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.1 /
Resource Hash
a0d68aa42ed93e16665a654e7ab074be67b6def905410670feafef51ac31b771

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
server
OXGW/16.217.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://fakty.com.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/fakty.com.ua/ 		151 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/fakty.com.ua/ROS?rnd=0.16390295386082632&e=300x250_0%3A300x250%2C300x600%2B300x250_1%3A300x250%2C300x600%2C240x600%2C240x400%2C240x350%2B300x250_2%3A300x250%2C300x600%2C240x400%2C240x350%2C240x600%2B300x250_3%3A300x250%2B728x90_0%3A728x90%2B320x50_0%3A320x50&ur=https%3A%2F%2Ffakty.com.ua%2Fua%2F&pbv=5.18.0-pre&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Ffakty.com.ua%2Fua%2F&e_pubcid=7ac91499-c646-473b-a46d-4b5bd8dfe319
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
062c86af8daafa3c708af8528e02d3c7f7365868e92ff936aeefc42e0bbf91a9

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://fakty.com.ua
expires
Sun, 24 Oct 2021 02:17:45 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
151
x-sid
AMS-740
/
ghb1.adtelligent.com/v2/auction/ 		721 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
6d1e5e2ff7dbcea59a65aab6732de54e489ae0ca8c9e1bf1c930aaa4d2fe4953

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:17:44 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://fakty.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
193
hb
ice.360yield.com/ 		100 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22138bff945f3f8108%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286ad6e3a631157d%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254504%2C%22tid%22%3A%223f141555-ee0f-488f-a485-347922a75221%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
89fa0f3ce9b79297603de187422940e9ed29e91470889c598ad8c91e83d25d4b

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
100
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		96 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22139585988a9b2f37%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22877cbad0dfe4a56%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254505%2C%22tid%22%3A%223f141555-ee0f-488f-a485-347922a75221%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e087da78f9b491fc04dbbc7cf46007144c22004e551cd29cc1eaf34321826682

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
96
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		96 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221405ce2597685cfd%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228866f1f36e4ae24%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254504%2C%22tid%22%3A%223c7e7122-555f-481a-8355-07d374ac1bfa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8d01d5a6c345f8ce06301b6dfa0f951d99730f588b5bc534c247610320e0cc0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
96
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		94 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141cceb2390a1e%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2289114b1016007d3%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254505%2C%22tid%22%3A%223c7e7122-555f-481a-8355-07d374ac1bfa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d374b36b1dbdafa60f6fd3f1446b8346126c3e3a4e9abcb915c768a01e934e7f

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
94
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		96 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214206d1f52db18ff%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2290d6cb5d42e30bc%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254504%2C%22tid%22%3A%228f2cc96d-a2bc-4617-8c09-e23d73cf0180%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
049421476187ff482e9322db3224d5b541f5f718a9c416cf0a83f5d7c347081f

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
96
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		95 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221438b1fd2824ac24%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ffakty.com.ua%2Fua%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22266844%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227ac91499-c646-473b-a46d-4b5bd8dfe319%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2291d7da5620b4f1%22%2C%22currency%22%3A%22UAH%22%2C%22pid%22%3A22254506%2C%22tid%22%3A%22f1eaa428-0f83-4d46-9905-6e56615a7d0c%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.243.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-243-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3eb5ce0d0ae9e1342a8ce4e0b58b90c6ad1ffd4b0d7a30861da9b8b360cd3913

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
95
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		92 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef96ca301ea641523081e68e63f2f560638ddced51273eb16d199198d419755d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
181ecac1-4358-439a-a3db-1032ead66c0d
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c4eda54ce596f32832618b470b39b267c439b64ee51808b77ba2dfe58c6b10ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8c847991-bd38-41e8-ac91-89f607183f34
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fakty.com.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		25 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
966c00c1dec441732004958b74ba7598ca43cf0756942de041bee9ad4e32a243

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://fakty.com.ua
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
rtb.adxpremium.services/openrtb2/ 		471 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
ecacf404c411c8b49a4a5cd6082e9f210daeee80ce8aa90f507b781fcb2cf543

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
471
expires
0
cdb
bidder.criteo.com/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0-pre&cb=38419018114
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://fakty.com.ua
date
Sun, 24 Oct 2021 02:17:44 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42094:uniques_holding&s=49834b49912a3e9ce336c729aff3d229&__io=3d9660d91.124e71932_1635041864650&1635041864988
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:44 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
29
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/publisher/fusion/lucid/data/29?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://fakty.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://fakty.com.ua
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age
36000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2fb5e88e6c4132-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
29
api-esp-eu.piano.io/publisher/fusion/lucid/data/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/publisher/fusion/lucid/data/29?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/wp-includes/js/jquery/jquery.js?ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e78db37bf41f76bc3b79ef0041f62dd0c6204d2911c13342ef1daed7583b6be
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"13b2-dH0dlXbeQ0FzvwmM8XjGE6Gns8I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fakty.com.ua
access-control-allow-credentials
true
cf-ray
6a2fb5e8ebe72798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
rexdot.js
gaua.hit.gemius.pl/__/_1635041865034/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.com.u...
  • https://gaua.hit.gemius.pl/__/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.co...
169 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=.YvLNtmaJHY3J5oSfbkdx5CVfFUpuiaNRfGyjVjpdx7.f7cj5MuQgY9i0bYguaa_umSlE3hIqONIBAZ6fpScmSNYaiTR/EoFuU15rr3ltr/&fpdata=ekG66y9CCcdhcJgqrbpre9l2lLdQ5LyFQxmX4b7u5IP.k7&vis=1&fpcap=
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , Norway, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
02d2574ce573a66166f56e18dafee9db53ceade8d4400d0c1bb5b74d618f15d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sat, 23 Oct 2021 02:17:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1635041865034/rexdot.js?l=100&id=zao6P2d9U3r6qXvmrhZChJchzSugagLmNCDiR6Vr42..q7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=250&lsdata=.YvLNtmaJHY3J5oSfbkdx5CVfFUpuiaNRfGyjVjpdx7.f7cj5MuQgY9i0bYguaa_umSlE3hIqONIBAZ6fpScmSNYaiTR/EoFuU15rr3ltr/&fpdata=ekG66y9CCcdhcJgqrbpre9l2lLdQ5LyFQxmX4b7u5IP.k7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 23 Oct 2021 02:17:45 GMT
adagio.js
script.4dex.io/ 		71 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
497663
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx0478deb75d8045718b7d7-00616d2a18
x-amz-id-2
tx0478deb75d8045718b7d7-00616d2a18
last-modified
Mon, 18 Oct 2021 08:01:50 GMT
server
cloudflare
etag
W/"cae476c264f28e37aca638d685ba55b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJElGeziePmOgsKd2te5k6hA3r4hVjjVAzkyVzA76V%2Br261gfJTNjh5CbvglJXGXfgRmMLYdh115S4svSDNOaAqSoL3fkNDMObYVpi00HeuTy09xtylPATaJDy81GNUL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1634544110326910
cf-ray
6a2fb5e8bcd527a0-PRG
access-control-allow-headers
Authorization
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-126238864-1&cid=437685793.1635041865&jid=1305154131&gjid=95933798&_gid=2121756954.1635041865&_u=YCDAgAABAAQCAE~&z=1137550103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:17:45 GMT
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=822090561&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Pageview&ea=News_List&_u=YCDAAEABAAQCAG~&jid=485176435&gjid=1811004194&cid=437685793.1635041865&tid=UA-126238864-1&_gid=2121756954.1635041865&_r=1&gtm=2wgak0KMS7G77&z=730339331
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=822090561&t=pageview&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAQC~&jid=1305154131&gjid=95933798&cid=437685793.1635041865&tid=UA-126238864-1&_gid=2121756954.1635041865&gtm=2wgak0KMS7G77&cd8=function(a)%7Btracker.set(%22dimension8%22%2Ctracker.get(%22clientId%22))%7D&z=1649747512
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68548
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=822090561&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20info&ea=undefined&_u=YCDAAEABAAQCAG~&jid=&gjid=&cid=437685793.1635041865&tid=UA-126238864-1&_gid=2121756954.1635041865&gtm=2wgak0KMS7G77&z=1956534637
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68548
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=822090561&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page%20time&ea=undefined&_u=YCDAAEABAAQCAG~&jid=&gjid=&cid=437685793.1635041865&tid=UA-126238864-1&_gid=2121756954.1635041865&gtm=2wgak0KMS7G77&z=1612796205
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68548
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-126238864-1&cid=437685793.1635041865&jid=485176435&gjid=1811004194&_gid=2121756954.1635041865&_u=YCDAAEABAAQCAG~&z=30631406
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:17:45 GMT
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
36
api-esp-eu.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/tracker/lucid/visit/36?story_url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&visitor=6b7khhp80on5g10e
Protocol
H3
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://fakty.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://fakty.com.ua
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age
36000
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2fb5e94ec94132-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
36
api-esp-eu.piano.io/tracker/lucid/visit/ 		65 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/tracker/lucid/visit/36?story_url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&visitor=6b7khhp80on5g10e
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/wp-includes/js/jquery/jquery.js?ver=3.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ab91c2e92f52e90acd1a21ca8650a69366a9fc138ff993e0e7dc60379428ac
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
vary
X-HTTP-Method-Override
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"41-wJ4gWTiyBUzSaBYDHOGCIfbkXVI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fakty.com.ua
access-control-allow-credentials
true
cf-ray
6a2fb5e99c582798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
iframeResizer.min.js
api-esp-eu.piano.io/public/sdk/vx/lib/iframeResizer/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.prod-euc1-1.79.1-ee2d165&p=36
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
141932
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"2e2f-17c98f5a580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e94c182798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:45 GMT
state-machine.min.js
api-esp-eu.piano.io/public/sdk/vx/lib/state-machine/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.prod-euc1-1.79.1-ee2d165&p=36
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
141932
x-cache-status
MISS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"f2a-17c98f5a580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e94c192798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:45 GMT
displayer.js
api-esp-eu.piano.io/public/sdk/vx/widgets/base/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.prod-euc1-1.79.1-ee2d165&p=36
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
141932
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"8abb-17c98f5a580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e94c1a2798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:45 GMT
displayer.js
api-esp-eu.piano.io/public/sdk/vx/widgets/embedded/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.prod-euc1-1.79.1-ee2d165&p=36
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
141932
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"19c7-17c98f5a580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e94c1b2798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:45 GMT
displayer.js
api-esp-eu.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp-eu.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/displayer.js?v=vg.prod-euc1-1.79.1-ee2d165&p=36
Requested by
Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.240.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
141932
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age
36000
strict-transport-security
max-age=86400; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 19 Oct 2021 14:30:08 GMT
server
cloudflare
etag
W/"3b47-17c98f5a580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
api-esp-eu.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
6a2fb5e94c1c2798-PRG
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Mon, 24 Oct 2022 02:17:45 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-81117537-46&cid=437685793.1635041865&jid=1570215790&gjid=1965808266&_gid=2121756954.1635041865&_u=ACCAgEABCAAAAE~&z=282828145
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Oct 2021 02:17:45 GMT
content-type
text/plain
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=822090561&t=pageview&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=1570215790&gjid=1965808266&cid=437685793.1635041865&tid=UA-81117537-46&_gid=2121756954.1635041865&z=924172227
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68548
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e673e4f17ce8be6398181af64e8955413a55cbcee468802117772067681061d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8768
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fakty.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fakty.com.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3999302759092812&correlator=2618488736078566&output=ldjh&impl=fifs&eid=31063267&vrg=2021101901&ptt=17&sc=1&sfv=1-0-38&ecs=20211024&iu_parts=58302844%2CSLDS_FakTy_Premium1_300x250%2CSLDS_FakTy_Premium2_300x250%2CSLDS_FakTy_Premium3_300x250%2CSLDS_FakTy_Paragraph_1%2CSLDS_Fakty_Footer%2CSLDS_FakTy_Gorizont_Main&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x250%7C300x600%2C300x250%7C240x600%7C300x600%7C240x400%7C240x350%2C300x250%7C240x400%7C240x350%7C300x600%7C240x600%2C300x250%2C728x90%2C320x50&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1472565425637-1%26is_vmhbmp%3Dtrue%26hb_override_id%3D3507409%26hb_buyer_id%3D18078%26hb_r_id%3D325ba65924bb3ee%26hb_site_id%3D811%26hb_format%3Dbanner%26hb_deal_adagio_mkp%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_deal%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_size%3D300x250%26hb_pb%3D3.00%26hb_adid%3D150965508de785fd%26hb_bidder%3Dadagio_mkp%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1472565425637-2%26is_vmhbmp%3Dtrue%26hb_override_id%3D3507402%26hb_buyer_id%3D18078%26hb_r_id%3D33e626688e88151%26hb_site_id%3D811%26hb_format%3Dbanner%26hb_deal_adagio_mkp%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_deal%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_size%3D300x250%26hb_pb%3D3.00%26hb_adid%3D15150b7b9d7c15a6%26hb_bidder%3Dadagio_mkp%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1576063607518-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D3507376%26hb_buyer_id%3D18078%26hb_r_id%3D35d41d584259521%26hb_site_id%3D811%26hb_format%3Dbanner%26hb_deal_adagio_mkp%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_deal%3DADAGIO-SPORTRADAR-WW-SPORT-2021-08-05%26hb_size%3D300x250%26hb_pb%3D5.75%26hb_adid%3D1492d0241b1bc376%26hb_bidder%3Dadagio_mkp%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cust_params=fakty41803%3Dfe91274d1fdece52f27b20eb85550936%26fakty_com_ua%3Dfakty.com.ua%26url%3Dfe91274d1fdece52f27b20eb85550936&cookie=ID%3Df18326d55df2a747%3AT%3D1635041864%3AS%3DALNI_MaDRCUTW7bZTdmmwJosVWO5iZK-cg&bc=31&abxe=1&lmt=1635041865&dt=1635041865276&dlt=1635041864441&idt=387&frm=20&biw=1600&bih=1200&oid=2&adxs=990%2C990%2C990%2C-9%2C436%2C360&adys=759%2C1740%2C2830%2C-9%2C7603%2C1813&adks=4077173607%2C2525811245%2C1969491172%2C2420116060%2C888503014%2C661558397&ucis=4%7C5%7C6%7C7%7C8%7C9&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600%7C300x2668%7C300x0%7C0x-1%7C1020x90%7C420x2296&msz=300x600%7C300x0%7C300x0%7C0x-1%7C728x90%7C320x50&psts=AGkb-H-ZL8wj6s7a_y8bcDRQTb4294ZIhQAsaYzfoCa-zx22%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=437685793.1635041865&ga_sid=1635041865&ga_hid=822090561&ga_fc=true&fws=4%2C4%2C4%2C2%2C4%2C4&ohw=1600%2C1600%2C1600%2C0%2C1600%2C1600&btvi=0%7C1%7C2%7C-1%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
633b99fd31ca80b5705ab32d98c56000214e526e46a2b9c8ce1137518507b97b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31048
x-xss-protection
0
google-lineitem-id
-1,4455013347,-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138213736357,-2,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 24 Oct 2021 02:17:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2F07 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 23 Oct 2021 19:33:26 GMT
expires
Sun, 23 Oct 2022 19:33:26 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame 6BC6 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
df2325bc96b204dafa7859cd5a13812012c28fc137e581e8125c5b2db7017cd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iETDbV39P6rHckn5uxa2CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 24 Oct 2021 02:17:45 GMT
date
Sun, 24 Oct 2021 02:17:45 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-iETDbV39P6rHckn5uxa2CQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/pagead/ Frame 6BC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101901&jk=3999302759092812&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 2F07 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101901&jk=3999302759092812&bg=!QkGlQQXNAAbUs_yW1LM7ACkAdvg8WpE_ZilZKN1Zzlb1YitR6NdXjKc8TWR6ax7wsrkrMEJRnwLQnwIAAABfUgAAAApoAQeZAqU4iXlNf9w9SidyyMzh2W35jjQeXv7FXPR9FQUAU2dzZPLRFWWnYrDXUGiUOVoSKAiKA4VtghjSkjSfW7S9V72n4guQwdSdYky7I7uLzX9B9zp8wF9FUryWb-BqCEvHNjz5ZN4umdjQ-cXhOZ_0gEWkgMreiTsOsKSCjc0vPY7v2CFTUry-Ok38hcxtbY2G7Ql2--DEut71mTAixSx6lXF3ON7BRYFelNTpDXmFQIAtLcOHg8rmxwDVny574tBoEtehQptN1rdQwj08eCWpVUg40tBwVgSx0BGQ0ifTDaRxgHuLJ-PvmyKMwPjHgs0U4Cxkxazq2KEJzii4svzubWrQYmK0iH7YYZ-vPb4EFygZ-ObAu2Alhf_S9PG3dcOa5mlPW_HsQbZdVQVhXFee_CYjJg1yDpfn_HT9gTNVmw2AjOWTLU-Ler_chj5TsabwkZbej7vP2_OcSgHBPDh5mM-71rKrfiThD20b_kj51tooYGU72eeFbw3O_P0edw74YhdBDw8_gW7sGPQ68b9eSCHn0O_vgHbM3-MOW9d7ttNXj3OZBF-3bPm8M9lD1pVdnrog8QM2XTsY5Bb66mOoKbnzLhtnNuAgKfpkQZwkAz4lAOf2uzGEnEerwY4HE3RXu_ZRe9sVwFhHuar6KNB72yFzYqfOFWdeuW0ShfM-5zwyEQRmB12FbwIJmvK3Gig7UFQEpFzpqVFNhwjjnQEJBV51bO5JkoR5n2FHjnBN4Aa9tUkPNLaoL9hwFzYmCRWshYbRnf1ThVRQTRC4zG8g2GZNR3UPwlYCU2dqaa3TwI5pFhKLc7CslX86iZZxfDufZeJKQfG9b9VjiuozxirqRFruBNcopx3Frcb6-QckLnOjY9bxbHhF5njWgI2gmycWkcccDNuNxQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 50D1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Mon, 24 Oct 2022 02:17:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FDF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Mon, 24 Oct 2022 02:17:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D95C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Mon, 24 Oct 2022 02:17:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
container.html
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EFE7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101901.js?31063267
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 24 Oct 2021 02:17:44 GMT
expires
Mon, 24 Oct 2022 02:17:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8FDF 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 16:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 23 Oct 2022 16:23:19 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 8FDF 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
18428
x-jsd-version
1.12.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19182-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-PM7TIXX2mG/XvjIIwb9PtOhKkw4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a2fb5ee3a77f9ce-PRG
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8FDF 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:17:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5AF4 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmt5QsSbQPZEpCCxh8L70iT-N-9ONCzG4m7zOan266Qvwy6S0xYSitlvCDq5uE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 24 Oct 2021 02:17:45 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame 50D1 		29 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcGGLkX5RVu-zEaj6aX8EP64UUVvySzUqWQn_mdgllsS7UAAf2qQcHoVRQinCOaArV6SlFNyBr0cSdqEAt_Q-fNs-ITb1UjPMSXlkxwSVpVUjLSHHjGR87DyvZCy2ExgrWoUgnJulMK1jX120duXnQCJeQFw&dbm_d=AKAmf-Cmyk-4DRk-_nj0o3CzgeoVVasjRzZiyDkfMy3tvYdJiHlMa_3kZMRSYDrQ2dHKH6HnHppry78zVtQbuOtgIWPDoxsnSJbcPIpdD66anscr59iOf5EKvtcHHNSTvjTj3wrfJz7ChUd2-rHbpYcnkutXKQCSYfI44KH10_jK56x0w05Z8z5ki1hAkBi_VjDCpKUQjuK727TtcufDfHz0UDiYzc9CNcBuh6IN66spW0GLiOQgHANVNg3IlrCb46MpQs1xTPcmzoun6cv6LqGQDu4OLVeDEEasehBtckxBRyLgj94evluK3oJY-XQkrigGP59zrSWqzuonnUOFK3fi2Sjgzp0M78Sv6pRq3QWVQMZX0F_d9rZOQ_LD2izNp09r7DEofjmcc12E4CZf0HSts_ukQQKtkUzX6eeE9m68pOVXgLVGNkEQhZ1XPY-lc-GM5cewb3t92sEx9zD0GEj9yDMRdH-wO6UgP6vtdNeRpn5uuh5zHZ3OCiXYOhvO_3NUvonZGabbIK_E0ROIXCt69w8JwwlkcybamDvrORFvVFqO00kKI4QGkueADpzmbEeTv-Zhgs7QPhcc8xiCYfUeImA1UrlmceKV2iwNEKsCqk6K34PHVa19GoX89QYTByh3Bhdx9UTf9Kn3Jx2Bpxfs_lzGg3KMpbSMIOn1LWi_6P2H2YDxD9PwEhAlpBgvlq9ExCJwGhurpQuk1wmfDq7BlzITeoOHx6YuOdBXdE-0q4tX_n-K5VRY4pf0QJ9rYqkiF99ldQUpKTK_qgneN-x-PUlTTs5LYrP9d36oPZGnW6Joe5BcpoOQzL7NpyKpeotdIN9PSEFkkI62YgL1tmzy7WMggp5e7KM18N7tE0Fcyxfkvb07v7wYjjPIboFQa6RZlb6amFOUUrDBzDffSaJXFGvgVZ3ErQwxvR485PDMIcBhcX-hNUDI54WeGc6oG0YlzCo_ArqkI_j_pG33T9aSsW-PS3J0pZs1EQkrmO1MCcBPByVyT2VNob4s0_cfZ9S_JSlUFiP2T3QmKB9LmPHM7eXiIKp53uUMxArSVSu9tHtAhYA_Cp6INg0YE13RBs-ZWtHhPNJGmcty52ybYL-5C9QZGpkX6m75J6WYsJG8hZae9UXUDSR2Yk2fsN9hExu9qu20KSqrg_1A7HCEtg7UVpTum3Pn9faxJLaoXDCkFMaLf1UUvTFIhdEImDBY8Pzq11_AqM7GH_YkGSqbatlVRqXtcBEO6cnh1OLTPj_CeOv8tZ8roN4SQoQD9Im_d6Gwq_tYoLapniC09w-0MrRiryeEC-XPoV8lzu8xX8hS_CmPedQ20nTCJn08HSKu2uXvlKp1CwvQ_v5NjRPj58YDK0XFZC4fFSWimC_QBFXf6Df3yxKs8EXn1mDQx7Hpx_RWGXgyx2orIMvjyRbQz6BdANya4wGt4fwA4zTCCxsr6Kg8OHp5ItJY_pqtJNP_UbJw37PG78ew5p-td8MeSqMjK_4V0C75bndlBr2_6VYtTfUidZ_eX3a7596cDr6cBSFkmaUbbvhtzYrbMvnifzhSvHs8c4cEYw4rQZsFzAiPHJWt1RdzngsaFikDJESV8QmMBfw1s5l7eechRbWXRU5H2PMUvNQBURhUFGAIa02jkip0JkpH3wAELDEcYqFhVteFdjGEeViSSW5_4ZmJTILjYyvFXKXPfz4VdQ_M_Mf_kwate7SCS-lgF9z8it-tnosxUwraB8ei2FnPTcKB-glZ1ElkwuAPYisL8xYQuBw6psmML88Ua_692kyIeOtG90knL64-CT2rMxZ77iYlgT_TLAulGL9zju11xrTC3NFQaKzKUMlVy4LW2mqIxIfSEx1PyK-L3n6Q-jB6PzJ9qNt1o6jx3at6YI4wny_OQrWHNuhKb_4qWujPIuQJihd7xzLsTwGwlwoInZj4bwukRZ6z7C8furfqPb8JGX9b7XOVJZ1RVJsh51fQmW36wxKecMWl3F8oMt9qUIb_xZLofTz6n4C5tTB1O-3Gn_L1GiUxawEguX2TzVKljJmhu7x1hcnvq55bZjNa9zC-oSrkvfvB1prOm1o0vKdbT8zDIvV1cwZtR2q_Nm6xhShdCZTQNkqykpnI1VBrgve4Hn740_GltJhyF2TIn8jYJbkTqRyhnDOpL8MppupmYESbtUIy51jBDODrlo_Nvr3y5ER-R68gpF8gSAamQqW5A-4NEij9dlCEVFNefL738LnCva9jDA4mKx36mdtO06-H9fIDGO3yVBhf0CaIqSYWorFINNsy2Eq7FaxsePEKJlPa7hN8IgUB_lWGBq9yfRKfuGhO_cCpH9vczAkX3uBmQKVl82unpacJkGKEiCJAngOSXQOaZ7OQLBMLU_FBHQmrBsx0lDphC0UvJNYJNd9-FKsFgW0jWlVoaMCDaC7KCewL4-wjT9qbzIo48Ro-SuC1bxAlsd-9h9a4Qyq0ZeP9ugXBoFYCyGU6YLT-W5RbnA1x5tG9FbaJdo2jfZ3BEiqNiMD-Gcs6jArVPg9cvjJfGnPsf55x8vE0fH6-yX8vOI5Bgn2B8TG2HN9vATD48xStBvvAKZdFSFZ5FnJof22d_sC-WptJO56TMeVDx2AAdpwUO4iieyyq0Q0_kzNVge3aqXrnIHFzGrr5fr5CUsXo_4659np6iKKTRKT5QGgzI_hvodbbBubUPhBbTT72J_WNQ0xPZVOQqxWikeU0DdgRRO2P-MSkkI2-1kJWZIaKGSVkLFEpgiYliKhGzp7iVTz-WfKO45OH1PZo1iHB-L57wy_i_SRL6RjzOZ0FE4rHkazZpdhFo4ftbdbGD3HkYOpmQpGK-CJIA2FqLGE6YBseuvGQAOfhe6ZidhIswXphkk1GGjDMP9lyhZc8XsBA6xBjEPHzKNQG7REnsnDv0p5F8DjTttkpMbhNqXd9CDVA6ddexaaRzyeQXVHDsXmIYlHH67yOItdG7ehwpWE_EA9fr5X43rXr8sCKVENIGN3P7jwhUjqW6eMA0NG5LO73opU7KhzUIiBC8DBXsbiBDqQwFaaZYiZ6xqDTu9JHpq4eOI5aydl5WglLIeIyn36K2j0JlZhMdG0ROTIG5lMSgr8MEzcAJmm9Ldk780U2L3enS-hyC4Kz-j-ptjxmPUnuq19RD-5GSqRK40sNj8DtWBR3J3wQ0VMVt4Rv0jGAxxk9_qY8IHhG6Bxtj965e6itXQH-KckNas2BZNLXMW3Fy29jtQgcakyRSlwoYVoIkfh6CxoPDPYHvzzU4syxlMHCDIz9Bt6GqMfo8ZscYpN7Rts52zuyXKln_sz0ZRffvrV40miMkN8rJgaGiM0fjsFy4HpW0rYuSD7uwDppKgmo7qbsSeV5gXZNClv5eoauB4iosysmF2RuObs2zvAf-HCU&cid=CAASEuRozeULtSb2oMKGSSRMNQP-ng&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
aee709a20163222200bc752e28511632b32b441b7de3c92f7952bb12ef2a85ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50D1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBn8wLzrgAabKDpN4rK9d6sPvwgo9Pkqjb6Be9s_T6U0PEhuvn3CparAmEpa2304TxUHX-NeQuuWVzJZBz4kd7tydM_umwGiOPELXqH-516DECFwk
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 50D1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=Odr898&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0i8PL5ZCo27tV76TMSskoGX&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231221&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=300x600
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame 50D1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0i8PL5ZCo27tV76TMSskoGX&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231221&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 15:58:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0fda9262c5d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 50D1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:30:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50D1 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:17:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 50D1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:36:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1D37 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmt5QsSbQPZEpCCxh8L70iT-N-9ONCzG4m7zOan266Qvwy6S0xYSitlvCDq5uE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 24 Oct 2021 02:17:45 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame D95C 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsGllP6MJBcs3SBW6lniND9hS011jCM0aEyI0SL24SL82UKlqaegcHYd73CTGLW7-Rmwlv2yf1zQzzCJNBvtUVk1dLp5VjSrj4FS2_CpQC39gCSxh-okUBeyBCMNDSfb0sYly2vk5XypvQxLnocK779GfyLQ&dbm_d=AKAmf-AEmsDvfJqtCtlYu7tp11CtP_xXD82Pg97y_1T6yon2fQRS0ALX5qdqZZ21DJKoi9H3EmLowFbVj9xHnunWfhceLR6d0dwSF76Z50AeWe2lNW3746B1nvGnrfiXx1IkfPYzcUn9JzXDOhUhcHv87Ov5wlOdUJh7dLkZlILF8rHns9bCKRLHcek2VghmPFqlSZ5kUMsO_NvdCBjoHGy8onoviLk4jXSUpCgNuQeYx_dSf6k0ix7GIy3n9edHozojdQz11W3JQDgEkk-P-eQOE4fpRFtZsgwxoD3Azz4PKqa6_gRaA7k2RxzpHr_oYfBOLUi1Hb-5krhfroHKRXHjwbhxGu-fQUJpn213p06O1YlcJaj4-eTHHVVOfYsKlw-LO2lA8-xvd_TooPo1KUsYQZNrgfCDXnpv2gf_dhy0KIdewxOSfR6cDqDaAJTNikWPgirnOtyL53JB86vtb3YfkmLAV_ZAxmE1Ab0wyfnsFD42vsFOwouSzovg7iI42NhcA3o-eR08IPNDY3AtfuA-dsYMsUNs1RXtIGloMw-ixXdhE1sRMDMS-nkDohpFvKZajz8DQxzDS6dj5sj3Xyh__Sk8QP3dBxIyy8_8IOU0diQxeaAP9u9LtkEzK4WWuY7EqlUXdSAe8mPkGcnTS0Vx6pRduh82Jfbk-lfBeiIBJKFTVkxTfGgRrROwlcRmucPpiKRkj14BbjDNSzRuC4ak19bRvg7FFBUnWbVp3vDPTfVWJwIDS93pwvdgYtWOvkzWMeKmuXGlVvrNLe6gkzHPJkIVTauHoP-JhYuJ9FTkDZcqxobe-9a7U2SalvlpgCqiS4Px8rhgfpAi6j_Z0WjiWUl9Q4HYbcBgtOJTMDwWW7m8UsEzslRtQOQjbizXbIqYECy3m2UAUnAgglhDRAITglomujaxY-MfRyly67SWINhCB5x_hEgNgpd6A9LJ8Juca4XwcBuoTrRi5bzS0koIfjXJBXHz2iRCvxKUELfY5cwax_5rfMSFxhisnjh34TKOmy9aU3UNS2H9n5525b3_4zlOBOAmATONuBFSBJ7Llr9lol6TcKnPmU-0ZNSxv-yF1fuTMWeuJoOYL9q-jXJBGHRaW16QfQ-324-gkuzGewbjWPkBaMjg6FdlPbBOp6sG1Q-4E9FJZ33O9mdWBOxJ3L6kHEs-0-O0K4fpwgHRnMTyR2T_64koVhxAo5pq1W_C17PQr65Z94yOjBmVFspBcW35o6dEdLFzXiT3d9jsORXidWnL-EzZoMHTvPkI4ipxoy-oS_QnOgNu5IPnfp-nkKsv8Z4rMD2uWVbpXpjBFJ32cTVWRY6tGksU60LFUkWnE3Yb8pcyVj3UX7IWCYZSR1bMjyLGf5I_JrSj--RQ7WLDf0xWknlUiAJXCLIrRNShn6lKfGCAXXkYizMXP2k71-vuUqfh0regbm-5VIFMC-Ndbjg-QtCsg58GIgI9Z9Tb7QIvDBmz_jk_BvyOSNjJb5he_a_6pIiyiJT__P7xgr1SS1XZX8wqu3dn-DxbFy9Z97hgFI3MSKTR8IAHb4IQKXDSzIyGMnLGXSpmdWjwPblFngxdB4lLeujvXUsfpfjkmVDN5Q61tpMOXpNAyikwdhgvrmgUbSOJs-u-36Ho5-YAMG9Vb8uYTTE4MuIb4j9PRflXuPjdiUBJfK2rbC94smo7EpJbZo7rat1gi8jeE08GSw-l0IBWFfqdB7xoBb3MSAdJCx6JclbrFUsEnhSWvarwAjdm6hKBTHxQCVEAVPilMhfE8aROW50tYNUonvkuDVM-RcfaDw-4HlqO5gXGJXShCYHEiepr9vOttImeECerN4osqQ3VLG8BAUYc32T7rUAm03ZCENmCc_Y-pt0GpbR5IUbCby5ILCmaPiJgiWuG_iMPWUzAximYhES6of0_Jqw_bjx78dRwZ36YlBrDej1CbbtbGY_yXtPTFIaevrLlSJeF6Xqevej0GC-HBYIEYa6ifpyEarmsgGFB2u1yUJRAPhiWtEbOq0cfKzSbKGrjC_l38tkHHCkXlCzorcumsazg96xOhvVy4RAgJ2lhNk8RFVk4KiNEUybJmFpdwppuJjp3WMF21ANeYz0B4icUdzT2ATje2--m57ohuI8j4v8-H--Ov633V5AkllNdWnpbYymiI6wTRcWdHKivMKMonloYFVAuXSdwrVhh36SvEQKFWALOD42wSeJc8_cUhwMLzF8DZLXLRbQTmVi3FZcQ4WSZJOWVw7XBBEyV-rlVVt-7VqL2NgOL9OxGv1Vw1XbCni1ZYsVSIXxLnnTYeQmM4whCe46jgzCGNfWAKcghfkkIAgVrhpgr5VDEY52kglaZNTFp5O2ur4kecRt2Umyw0jcbMdW9UPwbUa59cp9aRdziNMl5U5lueUNP72PbViYQSc5KP0-bP_dXbMr_rg5jnfFg9kNP3o0YmLJWcd9w_fusqxnzWSxZwnh5JQdM6Y4KC7NfdYAIBecNATntLT4jOejDbaNZJfnFqMQMVbo0vcmLQRem288UdkXsx7x-u3toYDJxYE02_25OwrNYnD5U_yEc1awOPFEW97-38H_YCNJRQ6cb1PgH80vYSJlW1I0UbkH2tvjrwLwrzwMvGHoKSipPNmLsji_g-xjo8bVmpstw5ImLX6Ik4nbK5dTXE7cbJvI5cjKl3vVm_LGQW9PceYjIuYPnfGujwdDsjSUtiuN4oTyzfStyPzIs85D0CqFFJxSfkMeJKL5pFsDNKI9p8oNv2BjC9cQKkLSIm3m-oXRGql2LfKFAWfMJI7EbL1RuRNma-vIa8LrrrXIr7ZW-rhKwW5z3Zb_a1b3gOxFd6QHgNySYGxR_XFMaYSekf5q7RCrQCYbcRyx0A3_3nBrRqYLChoTR5p8fPcrdTKPRRXtTZsYyxqopFG1mAcrw-9ZSvqEunUgeeZyvLhUbFexrtvAzVxbEzKQ07XqrV_mVgyLDUDqc2LXNWuHxouhQta4zA0NSa27KWqH9R28J2GYPB26yN78mCflBUCVcdV-kMQ6NwJOmuBjdh0omQugMp2GZUdugXvAl0HM232v_m8vIGYBJk5To&cid=CAASEuRotg0obmQSwagwdU8yWHjuIA&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b293a1370b4ec4aea6a4025137a5d9875099b5153eb276072dd2135dc35d741a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29645
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D95C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACTl1LGN7G66H7UpcgTHORyx5HGfBqBKKS91gNhx103Ox35Qhx2-yDodNxMPY29JJEc6dm_KM5PY5tACKxarje6on9PHRJ658xlhO9uosbxgL8J2E
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D95C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:30:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D95C 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:17:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame D95C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:36:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3640 		624 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmt5QsSbQPZEpCCxh8L70iT-N-9ONCzG4m7zOan266Qvwy6S0xYSitlvCDq5uE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 24 Oct 2021 02:17:45 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
ad
googleads.g.doubleclick.net/dbm/ Frame EFE7 		29 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-u5jfPxOlTjpwR_CnRvZjFv3m6qpg__0iVq5sCsDUyBclJJFKPam8Gf9O845SDG-qWJ4u26A-_NNsG67epwU_hdc0OjHwws17dyTb6pLmxf6Zn-HJgqskkg_pXsUIp6VqDx9UrnpUqCQ9MWRnIY_BBMkP2Q&dbm_d=AKAmf-CKMqEuo54N5lrGskXjmZQt0RQf86lm1Hvbl96OZYvoTNrmT2jfrS33blVbO3u2oFg47161tAiNse0DhWhSdGAZIrG8BKquWXLV7fn7wzl_B-X5eLsOEwsiyC0Fqr9Jzwp1tgMV2akPUetJfZDTi39sv6AHrgwqqDr80_dynjAvKR_CrCRBaI-n690doblT0AeZCQei0fr2UMueNSE_VbNrFYr5kYoSDqqKC2J0t2KC6Q6XwPCEKHKk_5AVTIhRCoHuCoomD0ZHwV_p7nCzjdFFioBKdgNXVX3aByCoTk8plGEgsYYOTVfMf3XlDShd-0MgKMym4iJANTIWjDAa6BZLkiHc6ivyN5YpxEesZctLfBZL9NqK0wUdK2_9V5B3EZOTcxc3Yl83VK3fs6Tojf86rmjSWMrmEN9lNnD3s0EeK1C2VCFtu5e0mo2H3b8sk_pXfOhb3sPpvv6YndLP_gb3sQs17MnbM4lyv0KuW0XAT7IGf80ANAhmtyM-eZg5NlTWpjJ6ak7gP1lD4F7U779E-Ws6uIolMT3KGFpIe42lLTPGMRyqJ1k9iQaU3CYUHBl26pV6nBcF9bnMLB_tpLHU9WMjuOlzR9_9ca50d7kz8eQqnjlxyd72ias4PPAeDpRgv8mDC0suMv_lUxKiGJVCKkBG7suaDhbZPHTQjxp4FzcYc9kZMrj0O-8xTO2ZgiRVGc0-8kBQKwufURkbj4IPQtiIwxBUuSTN-alfw-WLEwcAGrDElGT2C_IMfUb5xtWXmk8ucG0D_9hxvu43SgSBECtnZ7klldtGEKS-ouc4SpsiMMyz3We3DBa9M6mP86K1ruOY180ObLE8sAyMdhO0vwUtTHVdUz49WIvPek9kFI4wwyuwH29st_op70a7f2blBmU26axJ7RIlQO4rtDxsbKNTB74yAPIVxiGWAPrU2Yvqb-UVFTfmwbpmcix0gDjgDDlYTNYT4BlebUFfnXniuKiq-P5wQwAINtVUp1sRrciZn6wQ7b5LvLuukFMPssqdEbbjj_ThoAmbrn-OA5UsWWc97tv5DMwx2eZ9l3l8e1Anq3M1WDtY11Sr6PJI_F3S4xbkQvp1YI8U4C9YrweH92XDeaHVd5uENcXC-ri8OYt54qCHoslHR91TAvxOTX--glsDQYPSiTgOQb4zUX7QtaaeOjV4PDADjK_nN4CVUAGu6V31AGS70q1nrwDqPa8i0XxI5c4QxmHXw2h8VIbGeS4mbFYZ2UXuJSdCWBo2S31VwjwovDYCvVOxRfno0LGauv2SMBCsLL5_zQJxOlQCrscyEPUY5hUAl1atgxlml2ORINqb3brWFVxieExK34tnCTgcLIf3z5GeLUtrIP7kzCFHWT5L34aq9HaHICA7vM7YbIUIq3I_j5nNjWYX3bSPhwBLKt4C5m_s59PrQ2m9Cfvp0N88zQBRKHKNNc4-NioIhVqRv5sydCySNqsU09rmq1OOvBfjYCYfLwollwnwVqTQRha2xerLOBStwuXtMe8fmbcwt5v8td7rKOIas2o9L_46A8Fe93qhtGqf5iCxPUaML-R9mv7Dl2E2eSIvMxaeqNMOHyVdBMz3K-HPzglBK6lW511MhC2ze_h8h3fOojTiPmbJY836yJwxTff114W1PzOklPKoTKbn8XMJFyXT0Fhls_wRglgn9kLbFKgOmM7Wyi9nQDpZ1J0BCj-jx_Uh7qilYKEdk11DDjVywAaCcLx3dLPJo5ZtexRLmIr8qNKSAdks8LN7zCWQpk_Ik9_TWxLYYZBhFcFmAWdRDxtuAHFeTC0t5ggP2m3v7ZxAPQpVYSi_ae1BR-54j2kqUI-pL3KMMzNq5z_VQC9TVLNfZOKF-rVzpF19x42X8ktqTeCuK1qFovl_aBRJD42aOsOAZMm5WBLyyiNrQ25uVjmKSoZ4ZuD6l_1SkgPrQxVdeN8WTxRf9vT1yW7TL7b661Rn-NxpuucGr6bXi1SInpwALvwkII0lAW7hXlL1GZc0HV7BZFjxjo_afFw0vnjowsfkKQT8q7CIYQKJYED4t88LHUs_9fWHGZAcnoUU6XPKlxxyU2OMjvlF6yzzoGOsZUVbdxcyBYLc7a0AHOCsdpvqdIeS9TDbU_FdwbmF7tStP0Zon9p5kvYEiUpsdFf5ack6fIJXCBBvlEbgmXKpL4sFG2ZJUoBBXx7N8eBrnkmP2k5YT1NuyIg36hyYrJ3I-a53ZplS2f_StpIM9BpC3sLFlkVyLkSgCcmF2_oiR_kSK5Yt5bD5e7QMxMtfMiVDJgF5b6jwqQDMx4eNjm8sGn7Gkd52bdvZtJ8nnuyn09HZ6d0Iaa1EigCJnJxTFViq3MO_GGOIdZIm5gG1K73VRnJg0jJzZAe27uSUq9zfsUj1Z0YnK0LuesiSP5bz3W1b2dw9IRlfj8YFb8sQjHZC8d0sXwiaV7yQxKeUj2qrjvDWIRWr1Z_Cp6NGOrBR_HZjknomb9umUJgEHvqMoDj5l8Nw26Qa0DNoVt2cn599nOf4MSNViMrliM7iUMSi301W2aWglIIKG4hnpy1RRcN3Zo4oJ46Y3LQenmdCXElOsZ63pVTO5wAKbKk-BnMWhQv8Pi33blJC8A0nLRFJzDYQzeN1YRFfMmHOkNowoRCeqN1faNEb5wFNXTuqggumtCV1S3dtaW3H0gi8Iq1I_22e8qWjQQIuVEK3Yv2JsidgJo8IExeuabHbuYJItNoi4x0Mi713wRG5g5q6Oq5nXsum4yyILOXPyqu0Ht-6QWH3a0lVk0bP4ObH6i-s3LcbDpdtw3SqQmhVeOe4iD-VrEXUpJ312QFTZ-E1YdG75QWrB7syovysRDfBZnRk5itKv-94sAMRvUWAzAtzYzz59SDogEMgeCFC7JYg9DzyhRQrB64heW4lLwJd8cmy_4ZHF6DU9DFD06D-C97VCNlFgxlQk_ga4o9buPOpql-WVFJ2KeCi0fIkohKeB_W2DxW4a6CT0PL-odsWMaPbJ6p15E145nCBYEsuUVgme_2qZWT_WjQ5vdnpxEmGOJCqKRh_TQty2y6j5Ul49jJLuF3XKwXHX_bi9D4LvjUY-I28Tgjr5BJrWVk4_FwXAcRv1UynHZph1_EXsapQ_mCjQCuzBE8bP9SuRu7CApu6X1I09qDCGcIH4ibFN-Y3HDOS9nbv9ctPG9iYT6UIO9InDD2JN8Kycoi7m-A3G9o97uFa1x9tTTtunNI2d3fdrTP7G9rWpS6KAxsQagdRgre3f_lFKoCdcIRzUnhQVlFFgU_QWX0skJN9ufbCX2-pCh98S9f1U6Rwl8cMhhJE4g2MXsqFIlcRlAt6Fibi3a-niNao__e54LkfauattE1lSsF-pDKZ9tri5RTkOUlTy7q9lkLXdHa7TZXJdiRJ&cid=CAASEuRoilOiVz4QB-tAlJSB3baZUw&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
fcc3a01d9c6e486f6c57a64b436de0bcab157a31f88728fff58d495784174509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFE7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B2owBiruiNzNwEvtgc_mr-WUI_fhXQnMXemOSyiJzJhVbDRiPnK4l8sPCYp7jPEzLKqBicJn_WEhFcPODOy7DvTAO-WCDe0Mn9CRBj8QvC4RLL7sI
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame EFE7 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=ZWCsG7&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jNsVtZ3bkCnXKx4enWMm8R&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231608&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=320x50
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:26 GMT
Server
Microsoft-IIS/10.0
ETag
"60d09d781a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1338
dvtp_src.js
cdn.doubleverify.com/ Frame EFE7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0jNsVtZ3bkCnXKx4enWMm8R&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231608&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 15:58:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0fda9262c5d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EFE7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:30:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFE7 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37344
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634750403498492"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:17:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame EFE7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:36:07 GMT
l
www.google.com/ads/measurement/ Frame EFE7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGECijglKRKTmBgkmd0hZWj8VTR-jVouJHbdxUCjXS3uoTmm4GbN8sWwCjd8GAAYGU99xcycdA_LehqM-c8feb-1_4pg
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 8FDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0GaF-mUXggZCOAJsG3oAoKh5pQb6uegFbIEtxuIODDoSC2mKa-A72YfzKTigl13FRvHhD5CGE1ogkwagCFbKrnP4CbWouwSI_hlTFgsA0th7gNpONuNNRWr8bS30I2AQd_XNtrD2IARjY26xCl4j0QGpb8fkTOxekGycu6SZsRa3rjiiI7v_-1jA0n2ZAKG-2W82vtlo7epga81QbhaMLzbKCQlGyJaUo2leHiLHByPgGKlczMOEm1xFoqwwCVHKo5zNhFkJM0HWvMisd5j4pw_OO8gWkEF3e5_X01PPO8El3lz4XX8Z2GmoIIIOOkyTaFHVY3blq&sig=Cg0ArKJSzJcyZwCidirmEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 3640
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3640
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3640
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb5ef9c3-dac2-4c2c-b885-c2f478de8e08
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3640
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj40IScATAB&v=APEucNXguwH06w1h98HRk-CBVS97XIGZXT7uyle_P42oc-QAd4GTdR_Uj14AoKxWMWLtRbDE2HWqMN04OK9etS96y8XS8bakErpjlcXw7XutgpoyFDw-RVobFjRXP_eMVViZ-h0iAoy_wdaJZ-PVgbN-MpzYhL7DSZrbCnSm6hbsG0v18ndLrCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d2d702b2-a467-41d2-9427-a125633cc9b1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D37
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1D37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2b73a39c-9a6a-4971-b525-8f316341e40c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D37
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNX2O5o6BdZdXmnBJhrdIdv6uWrwNdarlDgq-AfLQoBjZ7Xq3NIqk6pRYBBKH-z8E-mqQY1wlFOjJukoW0EbRakXogahPKUltTImZ7NVBMO6d9X_lwyH4XlmMKEwUrByLVvrBI3xsvv0LqPiTv5pm4JE0gNd_rXr9XsAB6S3xKYLmCZttvk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
04743289-7cb0-457d-8dbb-7aad42e470ee
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5AF4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXTCSlDhKJoRMEtkWzkrlgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 24 Oct 2021 02:17:46 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJgUsDnULdNGLj6bjPqlJ9U&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5AF4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
27906305-7a77-42c6-9082-4f3ff9832e20
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEABEeDcDMpg7SAWaLskfedA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5AF4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhj1zYScATAB&v=APEucNVbMVjTQc33u9cBODT5tlAV9D9o6i3uqHeJYwiEND_HjztCADlSvGLN5ba8d4_Zl47Xa9b7dR1M_zhy4xHNjeSQCb6zBbXth0hhDSaRK1SGwbdaiRgHTY5e6c8ahRJemPCajsxwnTQ27XNPq2WCA3wkR-t21Zy5SHfd8K2Q1F1bwkx-OT0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
X-Proxy-Origin
216.131.114.84; 216.131.114.84; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b14411a3-7c29-44c8-9471-e8c9ea88dce2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMwNDc3MzYyNDYzMTY0MjQ2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 8FDF 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15505fd37a57356cd3421681a750d66ed36cabb9f91f269b43bc4b9ba7af456d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8FDF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuUD5XfEkNmHQYeqiT6WolnKu6uSnz338uMvLrmVZTS3JoUL59RmH6RIU9btDgo6fRL4pg7bm6rnsWFlv17sc_4umvFP8a7HN-azVzEju2sa7fb2hxwA9X_qP0zskvxgApA0OwRGvEuIoujurkAF56sbVi29azAdor8zOZPqiA63v1x-rGtrxOgTOViIOzyb-sm327GFW8qmxSLdMcXb8mX2uoXq1MotZtdob_asgvVEkq-T8RAFan4G-OHjtnBI5xourkWnnFbOKoMW3wLdSQ8QKribKHhcH2NeoQ8nkXhvU27dkztuHD5C_v47ZFhI1UFZzRgVZSGRY&sig=Cg0ArKJSzIO4K-nWk5eVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 24 Oct 2021 02:17:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 50D1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcGGLkX5RVu-zEaj6aX8EP64UUVvySzUqWQn_mdgllsS7UAAf2qQcHoVRQinCOaArV6SlFNyBr0cSdqEAt_Q-fNs-ITb1UjPMSXlkxwSVpVUjLSHHjGR87DyvZCy2ExgrWoUgnJulMK1jX120duXnQCJeQFw&dbm_d=AKAmf-Cmyk-4DRk-_nj0o3CzgeoVVasjRzZiyDkfMy3tvYdJiHlMa_3kZMRSYDrQ2dHKH6HnHppry78zVtQbuOtgIWPDoxsnSJbcPIpdD66anscr59iOf5EKvtcHHNSTvjTj3wrfJz7ChUd2-rHbpYcnkutXKQCSYfI44KH10_jK56x0w05Z8z5ki1hAkBi_VjDCpKUQjuK727TtcufDfHz0UDiYzc9CNcBuh6IN66spW0GLiOQgHANVNg3IlrCb46MpQs1xTPcmzoun6cv6LqGQDu4OLVeDEEasehBtckxBRyLgj94evluK3oJY-XQkrigGP59zrSWqzuonnUOFK3fi2Sjgzp0M78Sv6pRq3QWVQMZX0F_d9rZOQ_LD2izNp09r7DEofjmcc12E4CZf0HSts_ukQQKtkUzX6eeE9m68pOVXgLVGNkEQhZ1XPY-lc-GM5cewb3t92sEx9zD0GEj9yDMRdH-wO6UgP6vtdNeRpn5uuh5zHZ3OCiXYOhvO_3NUvonZGabbIK_E0ROIXCt69w8JwwlkcybamDvrORFvVFqO00kKI4QGkueADpzmbEeTv-Zhgs7QPhcc8xiCYfUeImA1UrlmceKV2iwNEKsCqk6K34PHVa19GoX89QYTByh3Bhdx9UTf9Kn3Jx2Bpxfs_lzGg3KMpbSMIOn1LWi_6P2H2YDxD9PwEhAlpBgvlq9ExCJwGhurpQuk1wmfDq7BlzITeoOHx6YuOdBXdE-0q4tX_n-K5VRY4pf0QJ9rYqkiF99ldQUpKTK_qgneN-x-PUlTTs5LYrP9d36oPZGnW6Joe5BcpoOQzL7NpyKpeotdIN9PSEFkkI62YgL1tmzy7WMggp5e7KM18N7tE0Fcyxfkvb07v7wYjjPIboFQa6RZlb6amFOUUrDBzDffSaJXFGvgVZ3ErQwxvR485PDMIcBhcX-hNUDI54WeGc6oG0YlzCo_ArqkI_j_pG33T9aSsW-PS3J0pZs1EQkrmO1MCcBPByVyT2VNob4s0_cfZ9S_JSlUFiP2T3QmKB9LmPHM7eXiIKp53uUMxArSVSu9tHtAhYA_Cp6INg0YE13RBs-ZWtHhPNJGmcty52ybYL-5C9QZGpkX6m75J6WYsJG8hZae9UXUDSR2Yk2fsN9hExu9qu20KSqrg_1A7HCEtg7UVpTum3Pn9faxJLaoXDCkFMaLf1UUvTFIhdEImDBY8Pzq11_AqM7GH_YkGSqbatlVRqXtcBEO6cnh1OLTPj_CeOv8tZ8roN4SQoQD9Im_d6Gwq_tYoLapniC09w-0MrRiryeEC-XPoV8lzu8xX8hS_CmPedQ20nTCJn08HSKu2uXvlKp1CwvQ_v5NjRPj58YDK0XFZC4fFSWimC_QBFXf6Df3yxKs8EXn1mDQx7Hpx_RWGXgyx2orIMvjyRbQz6BdANya4wGt4fwA4zTCCxsr6Kg8OHp5ItJY_pqtJNP_UbJw37PG78ew5p-td8MeSqMjK_4V0C75bndlBr2_6VYtTfUidZ_eX3a7596cDr6cBSFkmaUbbvhtzYrbMvnifzhSvHs8c4cEYw4rQZsFzAiPHJWt1RdzngsaFikDJESV8QmMBfw1s5l7eechRbWXRU5H2PMUvNQBURhUFGAIa02jkip0JkpH3wAELDEcYqFhVteFdjGEeViSSW5_4ZmJTILjYyvFXKXPfz4VdQ_M_Mf_kwate7SCS-lgF9z8it-tnosxUwraB8ei2FnPTcKB-glZ1ElkwuAPYisL8xYQuBw6psmML88Ua_692kyIeOtG90knL64-CT2rMxZ77iYlgT_TLAulGL9zju11xrTC3NFQaKzKUMlVy4LW2mqIxIfSEx1PyK-L3n6Q-jB6PzJ9qNt1o6jx3at6YI4wny_OQrWHNuhKb_4qWujPIuQJihd7xzLsTwGwlwoInZj4bwukRZ6z7C8furfqPb8JGX9b7XOVJZ1RVJsh51fQmW36wxKecMWl3F8oMt9qUIb_xZLofTz6n4C5tTB1O-3Gn_L1GiUxawEguX2TzVKljJmhu7x1hcnvq55bZjNa9zC-oSrkvfvB1prOm1o0vKdbT8zDIvV1cwZtR2q_Nm6xhShdCZTQNkqykpnI1VBrgve4Hn740_GltJhyF2TIn8jYJbkTqRyhnDOpL8MppupmYESbtUIy51jBDODrlo_Nvr3y5ER-R68gpF8gSAamQqW5A-4NEij9dlCEVFNefL738LnCva9jDA4mKx36mdtO06-H9fIDGO3yVBhf0CaIqSYWorFINNsy2Eq7FaxsePEKJlPa7hN8IgUB_lWGBq9yfRKfuGhO_cCpH9vczAkX3uBmQKVl82unpacJkGKEiCJAngOSXQOaZ7OQLBMLU_FBHQmrBsx0lDphC0UvJNYJNd9-FKsFgW0jWlVoaMCDaC7KCewL4-wjT9qbzIo48Ro-SuC1bxAlsd-9h9a4Qyq0ZeP9ugXBoFYCyGU6YLT-W5RbnA1x5tG9FbaJdo2jfZ3BEiqNiMD-Gcs6jArVPg9cvjJfGnPsf55x8vE0fH6-yX8vOI5Bgn2B8TG2HN9vATD48xStBvvAKZdFSFZ5FnJof22d_sC-WptJO56TMeVDx2AAdpwUO4iieyyq0Q0_kzNVge3aqXrnIHFzGrr5fr5CUsXo_4659np6iKKTRKT5QGgzI_hvodbbBubUPhBbTT72J_WNQ0xPZVOQqxWikeU0DdgRRO2P-MSkkI2-1kJWZIaKGSVkLFEpgiYliKhGzp7iVTz-WfKO45OH1PZo1iHB-L57wy_i_SRL6RjzOZ0FE4rHkazZpdhFo4ftbdbGD3HkYOpmQpGK-CJIA2FqLGE6YBseuvGQAOfhe6ZidhIswXphkk1GGjDMP9lyhZc8XsBA6xBjEPHzKNQG7REnsnDv0p5F8DjTttkpMbhNqXd9CDVA6ddexaaRzyeQXVHDsXmIYlHH67yOItdG7ehwpWE_EA9fr5X43rXr8sCKVENIGN3P7jwhUjqW6eMA0NG5LO73opU7KhzUIiBC8DBXsbiBDqQwFaaZYiZ6xqDTu9JHpq4eOI5aydl5WglLIeIyn36K2j0JlZhMdG0ROTIG5lMSgr8MEzcAJmm9Ldk780U2L3enS-hyC4Kz-j-ptjxmPUnuq19RD-5GSqRK40sNj8DtWBR3J3wQ0VMVt4Rv0jGAxxk9_qY8IHhG6Bxtj965e6itXQH-KckNas2BZNLXMW3Fy29jtQgcakyRSlwoYVoIkfh6CxoPDPYHvzzU4syxlMHCDIz9Bt6GqMfo8ZscYpN7Rts52zuyXKln_sz0ZRffvrV40miMkN8rJgaGiM0fjsFy4HpW0rYuSD7uwDppKgmo7qbsSeV5gXZNClv5eoauB4iosysmF2RuObs2zvAf-HCU&cid=CAASEuRozeULtSb2oMKGSSRMNQP-ng&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 02:02:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 50D1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcGGLkX5RVu-zEaj6aX8EP64UUVvySzUqWQn_mdgllsS7UAAf2qQcHoVRQinCOaArV6SlFNyBr0cSdqEAt_Q-fNs-ITb1UjPMSXlkxwSVpVUjLSHHjGR87DyvZCy2ExgrWoUgnJulMK1jX120duXnQCJeQFw&dbm_d=AKAmf-Cmyk-4DRk-_nj0o3CzgeoVVasjRzZiyDkfMy3tvYdJiHlMa_3kZMRSYDrQ2dHKH6HnHppry78zVtQbuOtgIWPDoxsnSJbcPIpdD66anscr59iOf5EKvtcHHNSTvjTj3wrfJz7ChUd2-rHbpYcnkutXKQCSYfI44KH10_jK56x0w05Z8z5ki1hAkBi_VjDCpKUQjuK727TtcufDfHz0UDiYzc9CNcBuh6IN66spW0GLiOQgHANVNg3IlrCb46MpQs1xTPcmzoun6cv6LqGQDu4OLVeDEEasehBtckxBRyLgj94evluK3oJY-XQkrigGP59zrSWqzuonnUOFK3fi2Sjgzp0M78Sv6pRq3QWVQMZX0F_d9rZOQ_LD2izNp09r7DEofjmcc12E4CZf0HSts_ukQQKtkUzX6eeE9m68pOVXgLVGNkEQhZ1XPY-lc-GM5cewb3t92sEx9zD0GEj9yDMRdH-wO6UgP6vtdNeRpn5uuh5zHZ3OCiXYOhvO_3NUvonZGabbIK_E0ROIXCt69w8JwwlkcybamDvrORFvVFqO00kKI4QGkueADpzmbEeTv-Zhgs7QPhcc8xiCYfUeImA1UrlmceKV2iwNEKsCqk6K34PHVa19GoX89QYTByh3Bhdx9UTf9Kn3Jx2Bpxfs_lzGg3KMpbSMIOn1LWi_6P2H2YDxD9PwEhAlpBgvlq9ExCJwGhurpQuk1wmfDq7BlzITeoOHx6YuOdBXdE-0q4tX_n-K5VRY4pf0QJ9rYqkiF99ldQUpKTK_qgneN-x-PUlTTs5LYrP9d36oPZGnW6Joe5BcpoOQzL7NpyKpeotdIN9PSEFkkI62YgL1tmzy7WMggp5e7KM18N7tE0Fcyxfkvb07v7wYjjPIboFQa6RZlb6amFOUUrDBzDffSaJXFGvgVZ3ErQwxvR485PDMIcBhcX-hNUDI54WeGc6oG0YlzCo_ArqkI_j_pG33T9aSsW-PS3J0pZs1EQkrmO1MCcBPByVyT2VNob4s0_cfZ9S_JSlUFiP2T3QmKB9LmPHM7eXiIKp53uUMxArSVSu9tHtAhYA_Cp6INg0YE13RBs-ZWtHhPNJGmcty52ybYL-5C9QZGpkX6m75J6WYsJG8hZae9UXUDSR2Yk2fsN9hExu9qu20KSqrg_1A7HCEtg7UVpTum3Pn9faxJLaoXDCkFMaLf1UUvTFIhdEImDBY8Pzq11_AqM7GH_YkGSqbatlVRqXtcBEO6cnh1OLTPj_CeOv8tZ8roN4SQoQD9Im_d6Gwq_tYoLapniC09w-0MrRiryeEC-XPoV8lzu8xX8hS_CmPedQ20nTCJn08HSKu2uXvlKp1CwvQ_v5NjRPj58YDK0XFZC4fFSWimC_QBFXf6Df3yxKs8EXn1mDQx7Hpx_RWGXgyx2orIMvjyRbQz6BdANya4wGt4fwA4zTCCxsr6Kg8OHp5ItJY_pqtJNP_UbJw37PG78ew5p-td8MeSqMjK_4V0C75bndlBr2_6VYtTfUidZ_eX3a7596cDr6cBSFkmaUbbvhtzYrbMvnifzhSvHs8c4cEYw4rQZsFzAiPHJWt1RdzngsaFikDJESV8QmMBfw1s5l7eechRbWXRU5H2PMUvNQBURhUFGAIa02jkip0JkpH3wAELDEcYqFhVteFdjGEeViSSW5_4ZmJTILjYyvFXKXPfz4VdQ_M_Mf_kwate7SCS-lgF9z8it-tnosxUwraB8ei2FnPTcKB-glZ1ElkwuAPYisL8xYQuBw6psmML88Ua_692kyIeOtG90knL64-CT2rMxZ77iYlgT_TLAulGL9zju11xrTC3NFQaKzKUMlVy4LW2mqIxIfSEx1PyK-L3n6Q-jB6PzJ9qNt1o6jx3at6YI4wny_OQrWHNuhKb_4qWujPIuQJihd7xzLsTwGwlwoInZj4bwukRZ6z7C8furfqPb8JGX9b7XOVJZ1RVJsh51fQmW36wxKecMWl3F8oMt9qUIb_xZLofTz6n4C5tTB1O-3Gn_L1GiUxawEguX2TzVKljJmhu7x1hcnvq55bZjNa9zC-oSrkvfvB1prOm1o0vKdbT8zDIvV1cwZtR2q_Nm6xhShdCZTQNkqykpnI1VBrgve4Hn740_GltJhyF2TIn8jYJbkTqRyhnDOpL8MppupmYESbtUIy51jBDODrlo_Nvr3y5ER-R68gpF8gSAamQqW5A-4NEij9dlCEVFNefL738LnCva9jDA4mKx36mdtO06-H9fIDGO3yVBhf0CaIqSYWorFINNsy2Eq7FaxsePEKJlPa7hN8IgUB_lWGBq9yfRKfuGhO_cCpH9vczAkX3uBmQKVl82unpacJkGKEiCJAngOSXQOaZ7OQLBMLU_FBHQmrBsx0lDphC0UvJNYJNd9-FKsFgW0jWlVoaMCDaC7KCewL4-wjT9qbzIo48Ro-SuC1bxAlsd-9h9a4Qyq0ZeP9ugXBoFYCyGU6YLT-W5RbnA1x5tG9FbaJdo2jfZ3BEiqNiMD-Gcs6jArVPg9cvjJfGnPsf55x8vE0fH6-yX8vOI5Bgn2B8TG2HN9vATD48xStBvvAKZdFSFZ5FnJof22d_sC-WptJO56TMeVDx2AAdpwUO4iieyyq0Q0_kzNVge3aqXrnIHFzGrr5fr5CUsXo_4659np6iKKTRKT5QGgzI_hvodbbBubUPhBbTT72J_WNQ0xPZVOQqxWikeU0DdgRRO2P-MSkkI2-1kJWZIaKGSVkLFEpgiYliKhGzp7iVTz-WfKO45OH1PZo1iHB-L57wy_i_SRL6RjzOZ0FE4rHkazZpdhFo4ftbdbGD3HkYOpmQpGK-CJIA2FqLGE6YBseuvGQAOfhe6ZidhIswXphkk1GGjDMP9lyhZc8XsBA6xBjEPHzKNQG7REnsnDv0p5F8DjTttkpMbhNqXd9CDVA6ddexaaRzyeQXVHDsXmIYlHH67yOItdG7ehwpWE_EA9fr5X43rXr8sCKVENIGN3P7jwhUjqW6eMA0NG5LO73opU7KhzUIiBC8DBXsbiBDqQwFaaZYiZ6xqDTu9JHpq4eOI5aydl5WglLIeIyn36K2j0JlZhMdG0ROTIG5lMSgr8MEzcAJmm9Ldk780U2L3enS-hyC4Kz-j-ptjxmPUnuq19RD-5GSqRK40sNj8DtWBR3J3wQ0VMVt4Rv0jGAxxk9_qY8IHhG6Bxtj965e6itXQH-KckNas2BZNLXMW3Fy29jtQgcakyRSlwoYVoIkfh6CxoPDPYHvzzU4syxlMHCDIz9Bt6GqMfo8ZscYpN7Rts52zuyXKln_sz0ZRffvrV40miMkN8rJgaGiM0fjsFy4HpW0rYuSD7uwDppKgmo7qbsSeV5gXZNClv5eoauB4iosysmF2RuObs2zvAf-HCU&cid=CAASEuRozeULtSb2oMKGSSRMNQP-ng&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
/
d.agkn.com/pixel/10690/ Frame 50D1 		43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10690/?che=3709686107&cmid=24601696&sid=4128031&pid=293420620&cgid=486686199&cid=144544095&aid=9533159&gdpr=&gdpr_consent=
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.155.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
grumi.js
rumcdn.geoedge.be/e7e53b81-adf0-4ad4-97e3-d9b2b97276a/ Frame 6E53 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7e53b81-adf0-4ad4-97e3-d9b2b97276a/grumi.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-105.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
imp.gif
c.4dex.io/ Frame 6E53 		43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.4dex.io/imp.gif?adu_code=div-gpt-ad-1472565425637-2&auction_id=4lpl94.yv&bid_id=33e626688e88151&bidder=bidswitch-sportradar&browser=chrome&buid=0&buids=0&category=&cpm=0.1689&crea_id=409_19621&ctry=DEU&curr=USD&deal_id=ADAGIO-SPORTRADAR-WW-SPORT-2021-08-05&deal_pcat=1&dvc=2&environment=desktop&h=250&lzy=0&margin=0.1&mt=ban&net_cpm=0.13512&org_id=1161&os=windows&partid=2021102402&pgtyp=&plcmt=ban_atf&pn=1&pub_id=10603&pv_id=c7240315-035f-4612-8b7f-63ccef855971&rpmadc_smpl=1&rule_id=1192&site=fakty&sspv=4.3.0-do&subcategory=&tiv=44&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vr=0.1&vsbl_thrshd=0.5&w=300
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
43
expires
-1
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame D95C 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 11:16:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame D95C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsGllP6MJBcs3SBW6lniND9hS011jCM0aEyI0SL24SL82UKlqaegcHYd73CTGLW7-Rmwlv2yf1zQzzCJNBvtUVk1dLp5VjSrj4FS2_CpQC39gCSxh-okUBeyBCMNDSfb0sYly2vk5XypvQxLnocK779GfyLQ&dbm_d=AKAmf-AEmsDvfJqtCtlYu7tp11CtP_xXD82Pg97y_1T6yon2fQRS0ALX5qdqZZ21DJKoi9H3EmLowFbVj9xHnunWfhceLR6d0dwSF76Z50AeWe2lNW3746B1nvGnrfiXx1IkfPYzcUn9JzXDOhUhcHv87Ov5wlOdUJh7dLkZlILF8rHns9bCKRLHcek2VghmPFqlSZ5kUMsO_NvdCBjoHGy8onoviLk4jXSUpCgNuQeYx_dSf6k0ix7GIy3n9edHozojdQz11W3JQDgEkk-P-eQOE4fpRFtZsgwxoD3Azz4PKqa6_gRaA7k2RxzpHr_oYfBOLUi1Hb-5krhfroHKRXHjwbhxGu-fQUJpn213p06O1YlcJaj4-eTHHVVOfYsKlw-LO2lA8-xvd_TooPo1KUsYQZNrgfCDXnpv2gf_dhy0KIdewxOSfR6cDqDaAJTNikWPgirnOtyL53JB86vtb3YfkmLAV_ZAxmE1Ab0wyfnsFD42vsFOwouSzovg7iI42NhcA3o-eR08IPNDY3AtfuA-dsYMsUNs1RXtIGloMw-ixXdhE1sRMDMS-nkDohpFvKZajz8DQxzDS6dj5sj3Xyh__Sk8QP3dBxIyy8_8IOU0diQxeaAP9u9LtkEzK4WWuY7EqlUXdSAe8mPkGcnTS0Vx6pRduh82Jfbk-lfBeiIBJKFTVkxTfGgRrROwlcRmucPpiKRkj14BbjDNSzRuC4ak19bRvg7FFBUnWbVp3vDPTfVWJwIDS93pwvdgYtWOvkzWMeKmuXGlVvrNLe6gkzHPJkIVTauHoP-JhYuJ9FTkDZcqxobe-9a7U2SalvlpgCqiS4Px8rhgfpAi6j_Z0WjiWUl9Q4HYbcBgtOJTMDwWW7m8UsEzslRtQOQjbizXbIqYECy3m2UAUnAgglhDRAITglomujaxY-MfRyly67SWINhCB5x_hEgNgpd6A9LJ8Juca4XwcBuoTrRi5bzS0koIfjXJBXHz2iRCvxKUELfY5cwax_5rfMSFxhisnjh34TKOmy9aU3UNS2H9n5525b3_4zlOBOAmATONuBFSBJ7Llr9lol6TcKnPmU-0ZNSxv-yF1fuTMWeuJoOYL9q-jXJBGHRaW16QfQ-324-gkuzGewbjWPkBaMjg6FdlPbBOp6sG1Q-4E9FJZ33O9mdWBOxJ3L6kHEs-0-O0K4fpwgHRnMTyR2T_64koVhxAo5pq1W_C17PQr65Z94yOjBmVFspBcW35o6dEdLFzXiT3d9jsORXidWnL-EzZoMHTvPkI4ipxoy-oS_QnOgNu5IPnfp-nkKsv8Z4rMD2uWVbpXpjBFJ32cTVWRY6tGksU60LFUkWnE3Yb8pcyVj3UX7IWCYZSR1bMjyLGf5I_JrSj--RQ7WLDf0xWknlUiAJXCLIrRNShn6lKfGCAXXkYizMXP2k71-vuUqfh0regbm-5VIFMC-Ndbjg-QtCsg58GIgI9Z9Tb7QIvDBmz_jk_BvyOSNjJb5he_a_6pIiyiJT__P7xgr1SS1XZX8wqu3dn-DxbFy9Z97hgFI3MSKTR8IAHb4IQKXDSzIyGMnLGXSpmdWjwPblFngxdB4lLeujvXUsfpfjkmVDN5Q61tpMOXpNAyikwdhgvrmgUbSOJs-u-36Ho5-YAMG9Vb8uYTTE4MuIb4j9PRflXuPjdiUBJfK2rbC94smo7EpJbZo7rat1gi8jeE08GSw-l0IBWFfqdB7xoBb3MSAdJCx6JclbrFUsEnhSWvarwAjdm6hKBTHxQCVEAVPilMhfE8aROW50tYNUonvkuDVM-RcfaDw-4HlqO5gXGJXShCYHEiepr9vOttImeECerN4osqQ3VLG8BAUYc32T7rUAm03ZCENmCc_Y-pt0GpbR5IUbCby5ILCmaPiJgiWuG_iMPWUzAximYhES6of0_Jqw_bjx78dRwZ36YlBrDej1CbbtbGY_yXtPTFIaevrLlSJeF6Xqevej0GC-HBYIEYa6ifpyEarmsgGFB2u1yUJRAPhiWtEbOq0cfKzSbKGrjC_l38tkHHCkXlCzorcumsazg96xOhvVy4RAgJ2lhNk8RFVk4KiNEUybJmFpdwppuJjp3WMF21ANeYz0B4icUdzT2ATje2--m57ohuI8j4v8-H--Ov633V5AkllNdWnpbYymiI6wTRcWdHKivMKMonloYFVAuXSdwrVhh36SvEQKFWALOD42wSeJc8_cUhwMLzF8DZLXLRbQTmVi3FZcQ4WSZJOWVw7XBBEyV-rlVVt-7VqL2NgOL9OxGv1Vw1XbCni1ZYsVSIXxLnnTYeQmM4whCe46jgzCGNfWAKcghfkkIAgVrhpgr5VDEY52kglaZNTFp5O2ur4kecRt2Umyw0jcbMdW9UPwbUa59cp9aRdziNMl5U5lueUNP72PbViYQSc5KP0-bP_dXbMr_rg5jnfFg9kNP3o0YmLJWcd9w_fusqxnzWSxZwnh5JQdM6Y4KC7NfdYAIBecNATntLT4jOejDbaNZJfnFqMQMVbo0vcmLQRem288UdkXsx7x-u3toYDJxYE02_25OwrNYnD5U_yEc1awOPFEW97-38H_YCNJRQ6cb1PgH80vYSJlW1I0UbkH2tvjrwLwrzwMvGHoKSipPNmLsji_g-xjo8bVmpstw5ImLX6Ik4nbK5dTXE7cbJvI5cjKl3vVm_LGQW9PceYjIuYPnfGujwdDsjSUtiuN4oTyzfStyPzIs85D0CqFFJxSfkMeJKL5pFsDNKI9p8oNv2BjC9cQKkLSIm3m-oXRGql2LfKFAWfMJI7EbL1RuRNma-vIa8LrrrXIr7ZW-rhKwW5z3Zb_a1b3gOxFd6QHgNySYGxR_XFMaYSekf5q7RCrQCYbcRyx0A3_3nBrRqYLChoTR5p8fPcrdTKPRRXtTZsYyxqopFG1mAcrw-9ZSvqEunUgeeZyvLhUbFexrtvAzVxbEzKQ07XqrV_mVgyLDUDqc2LXNWuHxouhQta4zA0NSa27KWqH9R28J2GYPB26yN78mCflBUCVcdV-kMQ6NwJOmuBjdh0omQugMp2GZUdugXvAl0HM232v_m8vIGYBJk5To&cid=CAASEuRotg0obmQSwagwdU8yWHjuIA&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:07:34 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame D95C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsGllP6MJBcs3SBW6lniND9hS011jCM0aEyI0SL24SL82UKlqaegcHYd73CTGLW7-Rmwlv2yf1zQzzCJNBvtUVk1dLp5VjSrj4FS2_CpQC39gCSxh-okUBeyBCMNDSfb0sYly2vk5XypvQxLnocK779GfyLQ&dbm_d=AKAmf-AEmsDvfJqtCtlYu7tp11CtP_xXD82Pg97y_1T6yon2fQRS0ALX5qdqZZ21DJKoi9H3EmLowFbVj9xHnunWfhceLR6d0dwSF76Z50AeWe2lNW3746B1nvGnrfiXx1IkfPYzcUn9JzXDOhUhcHv87Ov5wlOdUJh7dLkZlILF8rHns9bCKRLHcek2VghmPFqlSZ5kUMsO_NvdCBjoHGy8onoviLk4jXSUpCgNuQeYx_dSf6k0ix7GIy3n9edHozojdQz11W3JQDgEkk-P-eQOE4fpRFtZsgwxoD3Azz4PKqa6_gRaA7k2RxzpHr_oYfBOLUi1Hb-5krhfroHKRXHjwbhxGu-fQUJpn213p06O1YlcJaj4-eTHHVVOfYsKlw-LO2lA8-xvd_TooPo1KUsYQZNrgfCDXnpv2gf_dhy0KIdewxOSfR6cDqDaAJTNikWPgirnOtyL53JB86vtb3YfkmLAV_ZAxmE1Ab0wyfnsFD42vsFOwouSzovg7iI42NhcA3o-eR08IPNDY3AtfuA-dsYMsUNs1RXtIGloMw-ixXdhE1sRMDMS-nkDohpFvKZajz8DQxzDS6dj5sj3Xyh__Sk8QP3dBxIyy8_8IOU0diQxeaAP9u9LtkEzK4WWuY7EqlUXdSAe8mPkGcnTS0Vx6pRduh82Jfbk-lfBeiIBJKFTVkxTfGgRrROwlcRmucPpiKRkj14BbjDNSzRuC4ak19bRvg7FFBUnWbVp3vDPTfVWJwIDS93pwvdgYtWOvkzWMeKmuXGlVvrNLe6gkzHPJkIVTauHoP-JhYuJ9FTkDZcqxobe-9a7U2SalvlpgCqiS4Px8rhgfpAi6j_Z0WjiWUl9Q4HYbcBgtOJTMDwWW7m8UsEzslRtQOQjbizXbIqYECy3m2UAUnAgglhDRAITglomujaxY-MfRyly67SWINhCB5x_hEgNgpd6A9LJ8Juca4XwcBuoTrRi5bzS0koIfjXJBXHz2iRCvxKUELfY5cwax_5rfMSFxhisnjh34TKOmy9aU3UNS2H9n5525b3_4zlOBOAmATONuBFSBJ7Llr9lol6TcKnPmU-0ZNSxv-yF1fuTMWeuJoOYL9q-jXJBGHRaW16QfQ-324-gkuzGewbjWPkBaMjg6FdlPbBOp6sG1Q-4E9FJZ33O9mdWBOxJ3L6kHEs-0-O0K4fpwgHRnMTyR2T_64koVhxAo5pq1W_C17PQr65Z94yOjBmVFspBcW35o6dEdLFzXiT3d9jsORXidWnL-EzZoMHTvPkI4ipxoy-oS_QnOgNu5IPnfp-nkKsv8Z4rMD2uWVbpXpjBFJ32cTVWRY6tGksU60LFUkWnE3Yb8pcyVj3UX7IWCYZSR1bMjyLGf5I_JrSj--RQ7WLDf0xWknlUiAJXCLIrRNShn6lKfGCAXXkYizMXP2k71-vuUqfh0regbm-5VIFMC-Ndbjg-QtCsg58GIgI9Z9Tb7QIvDBmz_jk_BvyOSNjJb5he_a_6pIiyiJT__P7xgr1SS1XZX8wqu3dn-DxbFy9Z97hgFI3MSKTR8IAHb4IQKXDSzIyGMnLGXSpmdWjwPblFngxdB4lLeujvXUsfpfjkmVDN5Q61tpMOXpNAyikwdhgvrmgUbSOJs-u-36Ho5-YAMG9Vb8uYTTE4MuIb4j9PRflXuPjdiUBJfK2rbC94smo7EpJbZo7rat1gi8jeE08GSw-l0IBWFfqdB7xoBb3MSAdJCx6JclbrFUsEnhSWvarwAjdm6hKBTHxQCVEAVPilMhfE8aROW50tYNUonvkuDVM-RcfaDw-4HlqO5gXGJXShCYHEiepr9vOttImeECerN4osqQ3VLG8BAUYc32T7rUAm03ZCENmCc_Y-pt0GpbR5IUbCby5ILCmaPiJgiWuG_iMPWUzAximYhES6of0_Jqw_bjx78dRwZ36YlBrDej1CbbtbGY_yXtPTFIaevrLlSJeF6Xqevej0GC-HBYIEYa6ifpyEarmsgGFB2u1yUJRAPhiWtEbOq0cfKzSbKGrjC_l38tkHHCkXlCzorcumsazg96xOhvVy4RAgJ2lhNk8RFVk4KiNEUybJmFpdwppuJjp3WMF21ANeYz0B4icUdzT2ATje2--m57ohuI8j4v8-H--Ov633V5AkllNdWnpbYymiI6wTRcWdHKivMKMonloYFVAuXSdwrVhh36SvEQKFWALOD42wSeJc8_cUhwMLzF8DZLXLRbQTmVi3FZcQ4WSZJOWVw7XBBEyV-rlVVt-7VqL2NgOL9OxGv1Vw1XbCni1ZYsVSIXxLnnTYeQmM4whCe46jgzCGNfWAKcghfkkIAgVrhpgr5VDEY52kglaZNTFp5O2ur4kecRt2Umyw0jcbMdW9UPwbUa59cp9aRdziNMl5U5lueUNP72PbViYQSc5KP0-bP_dXbMr_rg5jnfFg9kNP3o0YmLJWcd9w_fusqxnzWSxZwnh5JQdM6Y4KC7NfdYAIBecNATntLT4jOejDbaNZJfnFqMQMVbo0vcmLQRem288UdkXsx7x-u3toYDJxYE02_25OwrNYnD5U_yEc1awOPFEW97-38H_YCNJRQ6cb1PgH80vYSJlW1I0UbkH2tvjrwLwrzwMvGHoKSipPNmLsji_g-xjo8bVmpstw5ImLX6Ik4nbK5dTXE7cbJvI5cjKl3vVm_LGQW9PceYjIuYPnfGujwdDsjSUtiuN4oTyzfStyPzIs85D0CqFFJxSfkMeJKL5pFsDNKI9p8oNv2BjC9cQKkLSIm3m-oXRGql2LfKFAWfMJI7EbL1RuRNma-vIa8LrrrXIr7ZW-rhKwW5z3Zb_a1b3gOxFd6QHgNySYGxR_XFMaYSekf5q7RCrQCYbcRyx0A3_3nBrRqYLChoTR5p8fPcrdTKPRRXtTZsYyxqopFG1mAcrw-9ZSvqEunUgeeZyvLhUbFexrtvAzVxbEzKQ07XqrV_mVgyLDUDqc2LXNWuHxouhQta4zA0NSa27KWqH9R28J2GYPB26yN78mCflBUCVcdV-kMQ6NwJOmuBjdh0omQugMp2GZUdugXvAl0HM232v_m8vIGYBJk5To&cid=CAASEuRotg0obmQSwagwdU8yWHjuIA&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 02:02:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame EFE7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-u5jfPxOlTjpwR_CnRvZjFv3m6qpg__0iVq5sCsDUyBclJJFKPam8Gf9O845SDG-qWJ4u26A-_NNsG67epwU_hdc0OjHwws17dyTb6pLmxf6Zn-HJgqskkg_pXsUIp6VqDx9UrnpUqCQ9MWRnIY_BBMkP2Q&dbm_d=AKAmf-CKMqEuo54N5lrGskXjmZQt0RQf86lm1Hvbl96OZYvoTNrmT2jfrS33blVbO3u2oFg47161tAiNse0DhWhSdGAZIrG8BKquWXLV7fn7wzl_B-X5eLsOEwsiyC0Fqr9Jzwp1tgMV2akPUetJfZDTi39sv6AHrgwqqDr80_dynjAvKR_CrCRBaI-n690doblT0AeZCQei0fr2UMueNSE_VbNrFYr5kYoSDqqKC2J0t2KC6Q6XwPCEKHKk_5AVTIhRCoHuCoomD0ZHwV_p7nCzjdFFioBKdgNXVX3aByCoTk8plGEgsYYOTVfMf3XlDShd-0MgKMym4iJANTIWjDAa6BZLkiHc6ivyN5YpxEesZctLfBZL9NqK0wUdK2_9V5B3EZOTcxc3Yl83VK3fs6Tojf86rmjSWMrmEN9lNnD3s0EeK1C2VCFtu5e0mo2H3b8sk_pXfOhb3sPpvv6YndLP_gb3sQs17MnbM4lyv0KuW0XAT7IGf80ANAhmtyM-eZg5NlTWpjJ6ak7gP1lD4F7U779E-Ws6uIolMT3KGFpIe42lLTPGMRyqJ1k9iQaU3CYUHBl26pV6nBcF9bnMLB_tpLHU9WMjuOlzR9_9ca50d7kz8eQqnjlxyd72ias4PPAeDpRgv8mDC0suMv_lUxKiGJVCKkBG7suaDhbZPHTQjxp4FzcYc9kZMrj0O-8xTO2ZgiRVGc0-8kBQKwufURkbj4IPQtiIwxBUuSTN-alfw-WLEwcAGrDElGT2C_IMfUb5xtWXmk8ucG0D_9hxvu43SgSBECtnZ7klldtGEKS-ouc4SpsiMMyz3We3DBa9M6mP86K1ruOY180ObLE8sAyMdhO0vwUtTHVdUz49WIvPek9kFI4wwyuwH29st_op70a7f2blBmU26axJ7RIlQO4rtDxsbKNTB74yAPIVxiGWAPrU2Yvqb-UVFTfmwbpmcix0gDjgDDlYTNYT4BlebUFfnXniuKiq-P5wQwAINtVUp1sRrciZn6wQ7b5LvLuukFMPssqdEbbjj_ThoAmbrn-OA5UsWWc97tv5DMwx2eZ9l3l8e1Anq3M1WDtY11Sr6PJI_F3S4xbkQvp1YI8U4C9YrweH92XDeaHVd5uENcXC-ri8OYt54qCHoslHR91TAvxOTX--glsDQYPSiTgOQb4zUX7QtaaeOjV4PDADjK_nN4CVUAGu6V31AGS70q1nrwDqPa8i0XxI5c4QxmHXw2h8VIbGeS4mbFYZ2UXuJSdCWBo2S31VwjwovDYCvVOxRfno0LGauv2SMBCsLL5_zQJxOlQCrscyEPUY5hUAl1atgxlml2ORINqb3brWFVxieExK34tnCTgcLIf3z5GeLUtrIP7kzCFHWT5L34aq9HaHICA7vM7YbIUIq3I_j5nNjWYX3bSPhwBLKt4C5m_s59PrQ2m9Cfvp0N88zQBRKHKNNc4-NioIhVqRv5sydCySNqsU09rmq1OOvBfjYCYfLwollwnwVqTQRha2xerLOBStwuXtMe8fmbcwt5v8td7rKOIas2o9L_46A8Fe93qhtGqf5iCxPUaML-R9mv7Dl2E2eSIvMxaeqNMOHyVdBMz3K-HPzglBK6lW511MhC2ze_h8h3fOojTiPmbJY836yJwxTff114W1PzOklPKoTKbn8XMJFyXT0Fhls_wRglgn9kLbFKgOmM7Wyi9nQDpZ1J0BCj-jx_Uh7qilYKEdk11DDjVywAaCcLx3dLPJo5ZtexRLmIr8qNKSAdks8LN7zCWQpk_Ik9_TWxLYYZBhFcFmAWdRDxtuAHFeTC0t5ggP2m3v7ZxAPQpVYSi_ae1BR-54j2kqUI-pL3KMMzNq5z_VQC9TVLNfZOKF-rVzpF19x42X8ktqTeCuK1qFovl_aBRJD42aOsOAZMm5WBLyyiNrQ25uVjmKSoZ4ZuD6l_1SkgPrQxVdeN8WTxRf9vT1yW7TL7b661Rn-NxpuucGr6bXi1SInpwALvwkII0lAW7hXlL1GZc0HV7BZFjxjo_afFw0vnjowsfkKQT8q7CIYQKJYED4t88LHUs_9fWHGZAcnoUU6XPKlxxyU2OMjvlF6yzzoGOsZUVbdxcyBYLc7a0AHOCsdpvqdIeS9TDbU_FdwbmF7tStP0Zon9p5kvYEiUpsdFf5ack6fIJXCBBvlEbgmXKpL4sFG2ZJUoBBXx7N8eBrnkmP2k5YT1NuyIg36hyYrJ3I-a53ZplS2f_StpIM9BpC3sLFlkVyLkSgCcmF2_oiR_kSK5Yt5bD5e7QMxMtfMiVDJgF5b6jwqQDMx4eNjm8sGn7Gkd52bdvZtJ8nnuyn09HZ6d0Iaa1EigCJnJxTFViq3MO_GGOIdZIm5gG1K73VRnJg0jJzZAe27uSUq9zfsUj1Z0YnK0LuesiSP5bz3W1b2dw9IRlfj8YFb8sQjHZC8d0sXwiaV7yQxKeUj2qrjvDWIRWr1Z_Cp6NGOrBR_HZjknomb9umUJgEHvqMoDj5l8Nw26Qa0DNoVt2cn599nOf4MSNViMrliM7iUMSi301W2aWglIIKG4hnpy1RRcN3Zo4oJ46Y3LQenmdCXElOsZ63pVTO5wAKbKk-BnMWhQv8Pi33blJC8A0nLRFJzDYQzeN1YRFfMmHOkNowoRCeqN1faNEb5wFNXTuqggumtCV1S3dtaW3H0gi8Iq1I_22e8qWjQQIuVEK3Yv2JsidgJo8IExeuabHbuYJItNoi4x0Mi713wRG5g5q6Oq5nXsum4yyILOXPyqu0Ht-6QWH3a0lVk0bP4ObH6i-s3LcbDpdtw3SqQmhVeOe4iD-VrEXUpJ312QFTZ-E1YdG75QWrB7syovysRDfBZnRk5itKv-94sAMRvUWAzAtzYzz59SDogEMgeCFC7JYg9DzyhRQrB64heW4lLwJd8cmy_4ZHF6DU9DFD06D-C97VCNlFgxlQk_ga4o9buPOpql-WVFJ2KeCi0fIkohKeB_W2DxW4a6CT0PL-odsWMaPbJ6p15E145nCBYEsuUVgme_2qZWT_WjQ5vdnpxEmGOJCqKRh_TQty2y6j5Ul49jJLuF3XKwXHX_bi9D4LvjUY-I28Tgjr5BJrWVk4_FwXAcRv1UynHZph1_EXsapQ_mCjQCuzBE8bP9SuRu7CApu6X1I09qDCGcIH4ibFN-Y3HDOS9nbv9ctPG9iYT6UIO9InDD2JN8Kycoi7m-A3G9o97uFa1x9tTTtunNI2d3fdrTP7G9rWpS6KAxsQagdRgre3f_lFKoCdcIRzUnhQVlFFgU_QWX0skJN9ufbCX2-pCh98S9f1U6Rwl8cMhhJE4g2MXsqFIlcRlAt6Fibi3a-niNao__e54LkfauattE1lSsF-pDKZ9tri5RTkOUlTy7q9lkLXdHa7TZXJdiRJ&cid=CAASEuRoilOiVz4QB-tAlJSB3baZUw&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9298
x-xss-protection
0
server
cafe
etag
5575107075035495308
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 02:02:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EFE7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-u5jfPxOlTjpwR_CnRvZjFv3m6qpg__0iVq5sCsDUyBclJJFKPam8Gf9O845SDG-qWJ4u26A-_NNsG67epwU_hdc0OjHwws17dyTb6pLmxf6Zn-HJgqskkg_pXsUIp6VqDx9UrnpUqCQ9MWRnIY_BBMkP2Q&dbm_d=AKAmf-CKMqEuo54N5lrGskXjmZQt0RQf86lm1Hvbl96OZYvoTNrmT2jfrS33blVbO3u2oFg47161tAiNse0DhWhSdGAZIrG8BKquWXLV7fn7wzl_B-X5eLsOEwsiyC0Fqr9Jzwp1tgMV2akPUetJfZDTi39sv6AHrgwqqDr80_dynjAvKR_CrCRBaI-n690doblT0AeZCQei0fr2UMueNSE_VbNrFYr5kYoSDqqKC2J0t2KC6Q6XwPCEKHKk_5AVTIhRCoHuCoomD0ZHwV_p7nCzjdFFioBKdgNXVX3aByCoTk8plGEgsYYOTVfMf3XlDShd-0MgKMym4iJANTIWjDAa6BZLkiHc6ivyN5YpxEesZctLfBZL9NqK0wUdK2_9V5B3EZOTcxc3Yl83VK3fs6Tojf86rmjSWMrmEN9lNnD3s0EeK1C2VCFtu5e0mo2H3b8sk_pXfOhb3sPpvv6YndLP_gb3sQs17MnbM4lyv0KuW0XAT7IGf80ANAhmtyM-eZg5NlTWpjJ6ak7gP1lD4F7U779E-Ws6uIolMT3KGFpIe42lLTPGMRyqJ1k9iQaU3CYUHBl26pV6nBcF9bnMLB_tpLHU9WMjuOlzR9_9ca50d7kz8eQqnjlxyd72ias4PPAeDpRgv8mDC0suMv_lUxKiGJVCKkBG7suaDhbZPHTQjxp4FzcYc9kZMrj0O-8xTO2ZgiRVGc0-8kBQKwufURkbj4IPQtiIwxBUuSTN-alfw-WLEwcAGrDElGT2C_IMfUb5xtWXmk8ucG0D_9hxvu43SgSBECtnZ7klldtGEKS-ouc4SpsiMMyz3We3DBa9M6mP86K1ruOY180ObLE8sAyMdhO0vwUtTHVdUz49WIvPek9kFI4wwyuwH29st_op70a7f2blBmU26axJ7RIlQO4rtDxsbKNTB74yAPIVxiGWAPrU2Yvqb-UVFTfmwbpmcix0gDjgDDlYTNYT4BlebUFfnXniuKiq-P5wQwAINtVUp1sRrciZn6wQ7b5LvLuukFMPssqdEbbjj_ThoAmbrn-OA5UsWWc97tv5DMwx2eZ9l3l8e1Anq3M1WDtY11Sr6PJI_F3S4xbkQvp1YI8U4C9YrweH92XDeaHVd5uENcXC-ri8OYt54qCHoslHR91TAvxOTX--glsDQYPSiTgOQb4zUX7QtaaeOjV4PDADjK_nN4CVUAGu6V31AGS70q1nrwDqPa8i0XxI5c4QxmHXw2h8VIbGeS4mbFYZ2UXuJSdCWBo2S31VwjwovDYCvVOxRfno0LGauv2SMBCsLL5_zQJxOlQCrscyEPUY5hUAl1atgxlml2ORINqb3brWFVxieExK34tnCTgcLIf3z5GeLUtrIP7kzCFHWT5L34aq9HaHICA7vM7YbIUIq3I_j5nNjWYX3bSPhwBLKt4C5m_s59PrQ2m9Cfvp0N88zQBRKHKNNc4-NioIhVqRv5sydCySNqsU09rmq1OOvBfjYCYfLwollwnwVqTQRha2xerLOBStwuXtMe8fmbcwt5v8td7rKOIas2o9L_46A8Fe93qhtGqf5iCxPUaML-R9mv7Dl2E2eSIvMxaeqNMOHyVdBMz3K-HPzglBK6lW511MhC2ze_h8h3fOojTiPmbJY836yJwxTff114W1PzOklPKoTKbn8XMJFyXT0Fhls_wRglgn9kLbFKgOmM7Wyi9nQDpZ1J0BCj-jx_Uh7qilYKEdk11DDjVywAaCcLx3dLPJo5ZtexRLmIr8qNKSAdks8LN7zCWQpk_Ik9_TWxLYYZBhFcFmAWdRDxtuAHFeTC0t5ggP2m3v7ZxAPQpVYSi_ae1BR-54j2kqUI-pL3KMMzNq5z_VQC9TVLNfZOKF-rVzpF19x42X8ktqTeCuK1qFovl_aBRJD42aOsOAZMm5WBLyyiNrQ25uVjmKSoZ4ZuD6l_1SkgPrQxVdeN8WTxRf9vT1yW7TL7b661Rn-NxpuucGr6bXi1SInpwALvwkII0lAW7hXlL1GZc0HV7BZFjxjo_afFw0vnjowsfkKQT8q7CIYQKJYED4t88LHUs_9fWHGZAcnoUU6XPKlxxyU2OMjvlF6yzzoGOsZUVbdxcyBYLc7a0AHOCsdpvqdIeS9TDbU_FdwbmF7tStP0Zon9p5kvYEiUpsdFf5ack6fIJXCBBvlEbgmXKpL4sFG2ZJUoBBXx7N8eBrnkmP2k5YT1NuyIg36hyYrJ3I-a53ZplS2f_StpIM9BpC3sLFlkVyLkSgCcmF2_oiR_kSK5Yt5bD5e7QMxMtfMiVDJgF5b6jwqQDMx4eNjm8sGn7Gkd52bdvZtJ8nnuyn09HZ6d0Iaa1EigCJnJxTFViq3MO_GGOIdZIm5gG1K73VRnJg0jJzZAe27uSUq9zfsUj1Z0YnK0LuesiSP5bz3W1b2dw9IRlfj8YFb8sQjHZC8d0sXwiaV7yQxKeUj2qrjvDWIRWr1Z_Cp6NGOrBR_HZjknomb9umUJgEHvqMoDj5l8Nw26Qa0DNoVt2cn599nOf4MSNViMrliM7iUMSi301W2aWglIIKG4hnpy1RRcN3Zo4oJ46Y3LQenmdCXElOsZ63pVTO5wAKbKk-BnMWhQv8Pi33blJC8A0nLRFJzDYQzeN1YRFfMmHOkNowoRCeqN1faNEb5wFNXTuqggumtCV1S3dtaW3H0gi8Iq1I_22e8qWjQQIuVEK3Yv2JsidgJo8IExeuabHbuYJItNoi4x0Mi713wRG5g5q6Oq5nXsum4yyILOXPyqu0Ht-6QWH3a0lVk0bP4ObH6i-s3LcbDpdtw3SqQmhVeOe4iD-VrEXUpJ312QFTZ-E1YdG75QWrB7syovysRDfBZnRk5itKv-94sAMRvUWAzAtzYzz59SDogEMgeCFC7JYg9DzyhRQrB64heW4lLwJd8cmy_4ZHF6DU9DFD06D-C97VCNlFgxlQk_ga4o9buPOpql-WVFJ2KeCi0fIkohKeB_W2DxW4a6CT0PL-odsWMaPbJ6p15E145nCBYEsuUVgme_2qZWT_WjQ5vdnpxEmGOJCqKRh_TQty2y6j5Ul49jJLuF3XKwXHX_bi9D4LvjUY-I28Tgjr5BJrWVk4_FwXAcRv1UynHZph1_EXsapQ_mCjQCuzBE8bP9SuRu7CApu6X1I09qDCGcIH4ibFN-Y3HDOS9nbv9ctPG9iYT6UIO9InDD2JN8Kycoi7m-A3G9o97uFa1x9tTTtunNI2d3fdrTP7G9rWpS6KAxsQagdRgre3f_lFKoCdcIRzUnhQVlFFgU_QWX0skJN9ufbCX2-pCh98S9f1U6Rwl8cMhhJE4g2MXsqFIlcRlAt6Fibi3a-niNao__e54LkfauattE1lSsF-pDKZ9tri5RTkOUlTy7q9lkLXdHa7TZXJdiRJ&cid=CAASEuRoilOiVz4QB-tAlJSB3baZUw&rfl=1%2Chttps%253A%252F%252Ffakty.com.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
/
d.agkn.com/pixel/10690/ Frame EFE7 		43 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10690/?che=2160764085&cmid=24601696&sid=4128031&pid=293420620&cgid=486686199&cid=144544095&aid=9533159&gdpr=&gdpr_consent=
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.155.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame 50D1 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=Odr898&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0i8PL5ZCo27tV76TMSskoGX&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231221&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=300x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0E0B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
dvbs_src_internal99.js
cdn.doubleverify.com/ Frame EFE7 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal99.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=ZWCsG7&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jNsVtZ3bkCnXKx4enWMm8R&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231608&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&turl=https://fakty.com.ua/ua/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=320x50
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 12:31:43 GMT
Server
Microsoft-IIS/10.0
ETag
"802192821a8dd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19248
bst2tv3.html
cdn3.doubleverify.com/ Frame 848F 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=35876
Date
Sun, 24 Oct 2021 02:17:46 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame 50D1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_577030200669&jsTagObjCallback=__tagObject_callback_577030200669&num=6&ctx=14526021&cmp=145089&plc=Odr898&sid=45f3d18e47f96c&advid=&adsrv=&unit=300x600&isdvvid=&uid=577030200669&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=93&bridua=3&dup=null&turl=https://fakty.com.ua/ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0i8PL5ZCo27tV76TMSskoGX&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231221&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&dvp_exetime=9.30&callbackName=__verify_callback_577030200669
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
22ddfc3f368ffb43a89bed39032959829662fec2a5896ded7ee2a49e66b6b287

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Sun, 24 Oct 2021 02:17:45 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
dv-match6.js
cdn.doubleverify.com/ Frame 78A0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=54904
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D95C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 13:42:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 21 Oct 2022 13:42:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 686F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62329
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame D95C 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2671e84a984e4f8571956d3bc91223b89d005988fe7032ce074b6e9d5f7191d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A027 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
bst2tv3.html
cdn3.doubleverify.com/ Frame 1A29 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn3.doubleverify.com/bst2tv3.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges
bytes
ETag
"01818ecfc6cf1:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Content-Length
806
Cache-Control
max-age=35876
Date
Sun, 24 Oct 2021 02:17:46 GMT
Connection
keep-alive
verify.js
rtb0.doubleverify.com/ Frame EFE7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_166635959336&jsTagObjCallback=__tagObject_callback_166635959336&num=6&ctx=14526021&cmp=145089&plc=ZWCsG7&sid=45f3d18e47f96c&advid=&adsrv=&unit=320x50&isdvvid=&uid=166635959336&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.00&dvpx_strhd=0.00&brid=3&brver=93&bridua=3&dup=null&turl=https://fakty.com.ua/ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0jNsVtZ3bkCnXKx4enWMm8R&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231608&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=9&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=147&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&dvp_exetime=5.20&callbackName=__verify_callback_166635959336
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
7e7da1cc7366a4d8c2699b70b3ea90c7f411a3d1397cc6b3694032ccee240417

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
X-DV-Response
1
Content-Encoding
gzip
Date
Sun, 24 Oct 2021 02:17:45 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
dv-match6.js
cdn.doubleverify.com/ Frame 6C03 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-match6.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Mar 2018 04:45:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"03c84bdf3b8d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=54904
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 10AE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/ Frame 1DDA 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
81d4698216e4a5e9a5a74a64165808711894ff3f959368a725b007a75ae3164f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1330
date
Sun, 24 Oct 2021 02:17:46 GMT
expires
Mon, 25 Oct 2021 02:17:46 GMT
cache-control
public, max-age=86400
last-modified
Wed, 20 May 2020 15:31:39 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
googleads4.g.doubleclick.net/pcs/ Frame D95C 		0
542 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvM18bQ4RZORLXxPqBl1aFD3tbMIJuQVHZvbGWup13xdmmuZ3f2oQe7hGaPnXWPH7RN2Dp0iGEXLl5Z40Vv54iBuf_XcT7Jco0Oaa5p2i1JkwG1TGqmK-s5MutNj4-zIOaKlrVLLjjE7vW4uSnToiXv4idrJtZFHo2uZNJKpCHLLBKC2GhYU81AvdiM8kFIrkHCvCQ0xMxMS2CHWjxw6aJXPhddFuSQwMe4udSE-QrWKzBt8V8c6qhM6ec44_MLpZ9Nwgymoy2Q_1fkqD0MLoswpnleOb0NzT32LlDnc-oDlKSmL52B6ukvoJ4LXtK_iLVDWeujJYAQmlCigjc06jMEUUKlJBDwFXffLnqO1TMydDVI41VvUtKJ9j6NJyQBLPAxtlwzkGN2FDCwaLRPfYnA4k-L-I_osrTdRuuFmum3Q8syt_pPzTXYL4IvDr0ROWmzxmADRkm-NgbOWOJAE1uS1gTwUIW8g54EHAw5RXgprFXZ6FGRM-e3xaaTwN2EzCGt0jAZx0GRZ29vSxBsjXu-Yhg8Ev0FqxbRlO4Fffv47Gcuk11cg4GWs-apQjQUAvwXalbi03NXg6EwpVR-oS1Imi9SlqbZdUu2RJK_OCXRVLlzaK3yObJGkPlBPiC5liMrI25eiQg1T6bhUR_MKB_SOBRIyukaJGP8EbPiB8dSeto6Lja7NGnwvhLS2R1chhHFtS1PDvshUs18toG5FezjY1v02Q4u5mL3tEudkZSR7S3dis3czlhyxRVhsaRZkS376GaFOygC3d_D8PoX70m9IE34eQObTQ0vK-Uhhe-Ad_zQRaxeosJdG6atm5BGg0l-CBZlMdoyBMELW9QGUNnd2Lj7NHikwRNRlaWnhUIbA_S14_Y7bXxBZGsCCwEyz5PyXTws_xARuiuPKYnZa3Hdxcq5fZtiyF3tC8HwHScYulKrorZR5QN3ird6WuTzH6I_pY9MSW4rblmTwP2t8VSvHJ9qOXTpJOTwZVKmbEpK1QYhFpCR5_nAgbu_eSqvjrobc_GiEYq2uv-c-6KpLRBp8lXJDVRBlNEKDw_vKtjgc8JOv348zAboj7xgXXEIR_n9grjnl7ln7ogemPZID-uq-05dgbeNszD4SHv22ZGQcsNv86yBrYXmF_ytGrD8m7Go82n84e3syvt3K0RuruGDF7QiP8l32aPVn_g7gE5qc_hJ5jCN4jiOnwk&sai=AMfl-YQ8K1EV4k_jhZFy6rAlhRL4m93nmm-4NLiXj0ODrAFwOkr3TgS67onT6tqeR5UMMoGZMDgniZtCI06lR528KenD05BbQyRptr_wX8pJeRaedcnOpgGIsGrKLn1JuE7I6pYw6ZDwUnmhS__1rMeRe0WlwiYUUg&sig=Cg0ArKJSzBXvprzTuHHnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&cbvp=1&cstd=121&cisv=r20211020.95001&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 24 Oct 2021 02:17:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
bsevent.gif
tps20511.doubleverify.com/ Frame 50D1 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=9fed8a8218b14218b252cb2788b02b57&dvp_or2=1&cbust=1635041866194905
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:46 AM
dcmads.js
www.googletagservices.com/dcm/ Frame 50D1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4451
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 15:55:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:54:32 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame EFE7 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:54:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1394
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4451
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 15:55:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 24 Oct 2021 02:54:32 GMT
bsevent.gif
tps20522.doubleverify.com/ Frame EFE7 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20522.doubleverify.com/bsevent.gif?impid=6c9203c85a7a4019a72eb5ea4467585e&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1635041866197997
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:46 AM
bsevent.gif
tps20522.doubleverify.com/ Frame EFE7 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20522.doubleverify.com/bsevent.gif?impid=6c9203c85a7a4019a72eb5ea4467585e&dvp_or2=1&cbust=1635041866198317
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:46 AM
/
google2waycm.netmng.com/cm/ Frame 686F 		0
0
pixel
cm.g.doubleclick.net/ Frame 686F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKOJ8YQtvWskdtqpQzqDsLA&google_cver=1&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i_Sa_vm3TiWTH
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i_Sa_vm3TiWTH
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
MT3 4044 0c7f252 master zrh-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIfsTcnzJLAJ--NYcpkP1NEltzzf8x3jhczF9wSUhN-OawjAuNHjSJqE-TF9xlmW9-CziCa7B6h4aepDG6i_Sa_vm3TiWTH
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Oct 2021 02:17:45 GMT
pixel
cm.g.doubleclick.net/ Frame 686F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGk7iFPV2t4KwqoqH-ayuIA&google_cver=1&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZS...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZSN4RTwFX7ua8Tuw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZSN4RTwFX7ua8Tuw
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPIC0siQBW7DNYpr7rro9p99cB4TVaT3NEap5Qu3Orhn7dI8fI0_mX6HLeen81-gp5uI_i73FB2Tc3hMghZSN4RTwFX7ua8Tuw
x-host
tde-deliveryengine-production-7f8fcb5db4-cd9cd
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 686F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEF...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBI...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg&google_hm=oPS0nt_IQl-HA923M1DiZQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLglljF6XhD9HnszNnqcMea9PcKQHUvOBOGMqfUBfoc9JW_iKGNZEwP8eCNbLn12XOSLWE1wbbTTBvNBIDJ2lEFiXYGZPCPTg&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Date
Sun, 24 Oct 2021 02:17:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
gg_pixel
sync.adaptv.advertising.com/ Frame 686F 		14 B
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEBgCNvnUf8ldDhQ6Cwdax80&google_cver=1&google_push=AYg5qPJF7Aa1D9b2l-xi1mnaMG0o34LSHFFnmKKa1vtA0oXHURpf_Rr44DhTwbRV7g-uad1lVDmaMgSMqGEfs0CYNvrma5HJDo3s
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.9.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-9-252.compute-1.amazonaws.com
Software
ribs2.0 /
Resource Hash
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server
ribs2.0
Connection
keep-alive
Content-Length
14
Content-Type
text/plain
pixel
cm.g.doubleclick.net/ Frame 686F
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3D...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJ-w5CV0ytvhpJgbaXDYvL-LRPOsMqqvkdTk0bDR-766HgKFVVEOpNuZa5YPsXLVB5QeMT1jRJeTTk-NX81z5PKn3DlwITnjQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dot.gif
s0.2mdn.net/ Frame 686F 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESELwILFnOwPT6umLBXyb0I20&google_cver=1&google_push=AYg5qPJ-zM2FkQLgH1cqXQiL_MHuwEyt2NkSzDalmALP4DfvDn7oIqe8-9kfC7yfsftcckY9KhRW17NSfiPkVvb2aesHzK15aMYJZQ
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Oct 2021 02:17:46 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 686F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkyT_xKEo9wmd44Hns41qePa9QP1CrJw8daJTMozU0DxSQ5V4GxOq06DPlSRD-9FyBz1Da6g
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 0E0B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame A027 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 10AE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
main.css
s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/ Frame 1DDA 		950 B
438 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/main.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
5bb92cfa6dbeebbd412572b08ebab09a486d7edf8fae9b0caa3ee508663a715a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 02:43:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
410
x-xss-protection
0
last-modified
Wed, 20 May 2020 15:31:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 02:43:10 GMT
Enabler_01_242.js
s0.2mdn.net/879366/ Frame 1DDA 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 02:40:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 02:40:52 GMT
O2O_GDCS_18_003_ML_728x090_pkr.js
s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/ Frame 1DDA 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/O2O_GDCS_18_003_ML_728x090_pkr.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
366c4f5bbac08ff7b48f42657b407bb0f8e69a59d4583eaad69d499fb76f2e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 03:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4612
x-xss-protection
0
last-modified
Wed, 20 May 2020 15:31:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 03:51:31 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame 1DDA 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 15:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sun, 23 Oct 2022 15:22:50 GMT
impl_v81.js
www.googletagservices.com/dcm/ Frame 50D1 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17189
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:08:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 04:53:50 GMT
impl_v81.js
www.googletagservices.com/dcm/ Frame EFE7 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 04:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17189
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:08:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Oct 2022 04:53:50 GMT
B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.co...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 50D1 		44 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=39;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
b8c3476159934c82a3b5c8c65eed25e3548f1d23d406926e6c635bc8b5231726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21473
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 1DDA 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119599_98522337_-0&ref=25124645_4307561_291119599_98522337_-0
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
view
googleads4.g.doubleclick.net/pcs/ Frame D95C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvM18bQ4RZORLXxPqBl1aFD3tbMIJuQVHZvbGWup13xdmmuZ3f2oQe7hGaPnXWPH7RN2Dp0iGEXLl5Z40Vv54iBuf_XcT7Jco0Oaa5p2i1JkwG1TGqmK-s5MutNj4-zIOaKlrVLLjjE7vW4uSnToiXv4idrJtZFHo2uZNJKpCHLLBKC2GhYU81AvdiM8kFIrkHCvCQ0xMxMS2CHWjxw6aJXPhddFuSQwMe4udSE-QrWKzBt8V8c6qhM6ec44_MLpZ9Nwgymoy2Q_1fkqD0MLoswpnleOb0NzT32LlDnc-oDlKSmL52B6ukvoJ4LXtK_iLVDWeujJYAQmlCigjc06jMEUUKlJBDwFXffLnqO1TMydDVI41VvUtKJ9j6NJyQBLPAxtlwzkGN2FDCwaLRPfYnA4k-L-I_osrTdRuuFmum3Q8syt_pPzTXYL4IvDr0ROWmzxmADRkm-NgbOWOJAE1uS1gTwUIW8g54EHAw5RXgprFXZ6FGRM-e3xaaTwN2EzCGt0jAZx0GRZ29vSxBsjXu-Yhg8Ev0FqxbRlO4Fffv47Gcuk11cg4GWs-apQjQUAvwXalbi03NXg6EwpVR-oS1Imi9SlqbZdUu2RJK_OCXRVLlzaK3yObJGkPlBPiC5liMrI25eiQg1T6bhUR_MKB_SOBRIyukaJGP8EbPiB8dSeto6Lja7NGnwvhLS2R1chhHFtS1PDvshUs18toG5FezjY1v02Q4u5mL3tEudkZSR7S3dis3czlhyxRVhsaRZkS376GaFOygC3d_D8PoX70m9IE34eQObTQ0vK-Uhhe-Ad_zQRaxeosJdG6atm5BGg0l-CBZlMdoyBMELW9QGUNnd2Lj7NHikwRNRlaWnhUIbA_S14_Y7bXxBZGsCCwEyz5PyXTws_xARuiuPKYnZa3Hdxcq5fZtiyF3tC8HwHScYulKrorZR5QN3ird6WuTzH6I_pY9MSW4rblmTwP2t8VSvHJ9qOXTpJOTwZVKmbEpK1QYhFpCR5_nAgbu_eSqvjrobc_GiEYq2uv-c-6KpLRBp8lXJDVRBlNEKDw_vKtjgc8JOv348zAboj7xgXXEIR_n9grjnl7ln7ogemPZID-uq-05dgbeNszD4SHv22ZGQcsNv86yBrYXmF_ytGrD8m7Go82n84e3syvt3K0RuruGDF7QiP8l32aPVn_g7gE5qc_hJ5jCN4jiOnwk&sai=AMfl-YQ8K1EV4k_jhZFy6rAlhRL4m93nmm-4NLiXj0ODrAFwOkr3TgS67onT6tqeR5UMMoGZMDgniZtCI06lR528KenD05BbQyRptr_wX8pJeRaedcnOpgGIsGrKLn1JuE7I6pYw6ZDwUnmhS__1rMeRe0WlwiYUUg&sig=Cg0ArKJSzBXvprzTuHHnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=187&dett=3&cstd=121&cisv=r20211020.95001&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame EFE7 		44 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=53;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
09a35cd1e34c4e0b0e9107b33b73372270204938985cdd6b8ec40a64a22a8f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21415
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
60005582_20210922043314430_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1DDA 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922043314430_STANDARD_728x090_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
070d23a2dbc1b53de9924a017b3c6f77eb480dd6fd92a02abb288bbcac1f6e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 17:59:45 GMT
x-content-type-options
nosniff
age
29881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
22602
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 11:33:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 17:59:45 GMT
60005582_20210922043318272_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1DDA 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922043318272_STANDARD_728x090_LOOK-02.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
6592128fb1c654121b5bca15d785ca90abe55fee17213a7e30a157576045161d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 13:27:38 GMT
x-content-type-options
nosniff
age
46208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23034
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 11:33:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Oct 2021 13:27:38 GMT
60005582_20210922043322280_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 1DDA 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922043322280_STANDARD_728x090_LOOK-03.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
1a0b7aaa441fa78839d8fe68fb43c5d2e83d1bcafc2b212f7fbc93ad69206ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/60575643/20200520083139580/index.html?e=69&leftOffset=0&topOffset=0&c=PEHmF8TeL9&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:54:42 GMT
x-content-type-options
nosniff
age
1384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21264
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 11:33:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Oct 2021 01:54:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame EFE7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=53;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:07:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EFE7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4ueRobgKMW3kg9i32-UXVoKGTfBNjFFYCNRKDGCeDpk7skIsKPBGBTiRiPh9hDPfNlbc5hRN5AYmJmR2DnpgQQGm0a-z56U-7nx84h6zYTawVsuJNpx81slnkxM0D9oGetcZZN2e4DIyfMHbO&sig=Cg0ArKJSzAe01fx8uZdwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.01747&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=53;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame EFE7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280621528&num=&adid=&advid=2276943&adsrv=1&btreg=505086692&btadsrv=doubleclick&crt=156986859&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=53;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 15:58:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0fda9262c5d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
8355182992233989945
s0.2mdn.net/simgad/ Frame EFE7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8355182992233989945
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
4c46f3db0c3a352c7797dc4e327b8a4270f60923d01ee6fc1871316eaff82182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 02:50:21 GMT
x-content-type-options
nosniff
age
170845
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17822
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:09:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 22 Oct 2022 02:50:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 50D1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=39;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Nov 2021 01:07:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 50D1 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXjkHKT3S6JqyviyJ5V6NezHKsbCCZMJYRz6cWAGIhsEmqOkyHo2GLIUWWUV3LeyAtftuK9lcRCyQWwgi8vfzZRUNF9w2k8Op56WgMZZIjRW48xK7o169tFJQXpN6hl7uoo3ALcJKAuNHBy7P3&sig=Cg0ArKJSzDoKJAqPpkvLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.25252&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=39;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame 50D1 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280584279&num=&adid=&advid=2276943&adsrv=1&btreg=505086629&btadsrv=doubleclick&crt=156803605&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=39;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 15:58:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0fda9262c5d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3288
4997871131361703284
s0.2mdn.net/simgad/ Frame 50D1 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4997871131361703284
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
sffe /
Resource Hash
85b6cb290031b78436822ddc6d3b7b992fbc891f84cb5b9b80ef8ed88fc79973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 06:13:17 GMT
x-content-type-options
nosniff
age
590669
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
128499
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 22:08:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Oct 2022 06:13:17 GMT
grumi.js
rumcdn.geoedge.be/5197d759-1b1e-4e18-8e54-2756093af167/ Frame 6E53 		294 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/5197d759-1b1e-4e18-8e54-2756093af167/grumi.js
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-105.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75b9cdabe4245c4f4ef40ac02ffea9efcdda2ffd1c57cf5c5417586ae2b443db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 01:52:16 GMT
content-encoding
br
last-modified
Sun, 24 Oct 2021 01:39:58 GMT
server
AmazonS3
age
1531
etag
W/"6fb0086b77762bfd7c90440ba8edf584"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
dniqpiZHETeR1jEgj8ZTCA0T4xK1frUB
via
1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
Nq6VGTC5OwpqPN10eMSHEdWtkPzw9GcYlT92nwIRHwhGD-qZDv4cEA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 045C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6A25 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f97.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 22 Oct 2021 10:57:28 GMT
expires
Sat, 22 Oct 2022 10:57:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141618
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
dv-measurements1800.js
cdn.doubleverify.com/ Frame FCE7 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 875D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62329
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame EFE7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed88cce4f37b2ef3967bbced09a02e4b62cd838377acb415753b51a6c95ddadd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements1800.js
cdn.doubleverify.com/ Frame F40C 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1649 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 23 Oct 2021 08:58:57 GMT
expires
Sun, 24 Oct 2021 08:58:57 GMT
content-type
text/html; charset=ISO-8859-1
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
62329
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame 50D1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4898403140fccda174c42f511d9516f5fc0188ce265c6f5da6cdb21d8fd81885

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame EFE7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4ueRobgKMW3kg9i32-UXVoKGTfBNjFFYCNRKDGCeDpk7skIsKPBGBTiRiPh9hDPfNlbc5hRN5AYmJmR2DnpgQQGm0a-z56U-7nx84h6zYTawVsuJNpx81slnkxM0D9oGetcZZN2e4DIyfMHbO&sig=Cg0ArKJSzAe01fx8uZdwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=201&vt=11&dtpt=200&dett=2&cstd=0&cisv=r20211020.01747&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280621528;dc_ver=81.235;sz=320x50;u_sd=1;dc_adk=3499415988;ord=vhvn2b;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=53;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
init
gw.geoedge.be/api/ Frame 6E53 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/5197d759-1b1e-4e18-8e54-2756093af167/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.175.30.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-30-20.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
content-length
0
Cookie set $%7BCLICK_URL_ENC%7D
eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohX... Frame 7310
Redirect Chain
  • https://eu.sportradarserving.com/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fIno...
  • https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4y...
14 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/5197d759-1b1e-4e18-8e54-2756093af167/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.46.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-46-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e1c2d8cba21aaca02fd0927c57fa842bf9fe671197aa6b917e3042812634195b

Request headers

Host
eu.sportradarserving.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
zuuid=58a8e0ca-af7d-4a65-8ec1-df7b59093f72; c=1635041866; zuuid_lu=1635041866
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Oct 2021 02:17:46 GMT
Set-Cookie
zuuid=58a8e0ca-af7d-4a65-8ec1-df7b59093f72; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1635041866; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k=1; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_k_lu=1635041866; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure pvc2=EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS,pEAUKGC6nhT7wCnM4wpMfQ,zA8WDZWNRnPdVLLZEmFBeA,MNjmGSind2a1B1A5UtXktg,zA8WDZWNRnPdVLLZEmFBeA,kvHnb6J8Cc4FRKr7knZHXg,zA8WDZWNRnPdVLLZEmFBeA,U6jq-n_6rENBinJDVjKfvw,zA8WDZWNRnPdVLLZEmFBeA,WPmWukykxPIP5dHUIZplhg,zA8WDZWNRnPdVLLZEmFBeA,iRFxMMc6WnFCJdw8MWRx4Q,zA8WDZWNRnPdVLLZEmFBeA,GC2YtHodDZYicqOLK8mnyQ,zA8WDZWNRnPdVLLZEmFBeA,ojE4Xe9--p0e6jWuZ3FXug,zA8WDZWNRnPdVLLZEmFBeA; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
5023
Connection
keep-alive

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Date
Sun, 24 Oct 2021 02:17:46 GMT
Location
https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Set-Cookie
zuuid=58a8e0ca-af7d-4a65-8ec1-df7b59093f72; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure c=1635041866; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure zuuid_lu=1635041866; path=/; expires=Mon, 24-Oct-2022 02:17:46 GMT; domain=sportradarserving.com; samesite=none; secure
Content-Length
0
Connection
keep-alive
bvw.gif
c.4dex.io/ Frame 6E53 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bvw.gif?adu_code=div-gpt-ad-1472565425637-2&auct_id=4lpl94.yv&bidder=bidswitch-sportradar&brwsr=chrome&buid=0&cat=&deal_id=ADAGIO-SPORTRADAR-WW-SPORT-2021-08-05&deal_pcat=1&dvc=2&env=desktop&h=250&lzy=0&margin=0.1&mt=ban&org_id=1161&os=windows&partid=2021102402&pbjsv=5.18.0-pre&pgtyp=&plcmt=ban_atf&pn=1&pub_id=10603&pv_id=c7240315-035f-4612-8b7f-63ccef855971&site=fakty&sspv=4.3.0-do&subcat=&tgt_tiv=1000&vsbl_thrshd=0.5&w=300&start_ts=1635041866681&evt=start&v=1&tiv=0&vwbl=0&vwbl_ts=0&cfg_vwbl_ratio=0.5&adgjsv=&vwjsv=1617196588512
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
0
expires
-1
/
aws-fr.bidswitch.net/imp_s2s/0.1689/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BEXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4... Frame 6E53 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws-fr.bidswitch.net/imp_s2s/0.1689/BSWhttps_A_B_Beu.sportradarserving.com_Bnotify_BEXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi__nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa__j7jry-MGrbpX3C__4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5__dC3qN5MDmIl9fzBDBxmXjlhEAI5S__TI__TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ__1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7__sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM__XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw__VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS__TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ__TKyMvupJdMM3lSJOD9vZ0B61o3w__M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS_B_I_WAUCTION__PRICE_X_B/dOVpVegqRbBRIjCatwmlQyfqzySQ2tVvIW7YmNS-g588iwNg2Cb3MOI8Ok5uBEm8zJ0t9G6uO204p7OqO3ME2Fx0kJv-QilAjYXnugW2tDvNxqUarPqr7YB-2inwy7Ccj48VKvFSwJ9xOwTL_7y6IcpmfyxicNOwdCht7Cw7g0T8VG_3pEPHNHVZ7i331wOgKLLm-m_5lDHWdgrKI-ncm0MC4vOBGgBVBMV_FFiq-o8jk4HLQufr64F3DhurBv8a35yym5FTZ__E390AglHp0ECGD3Qao_JI_ttEcyDPiJULTrMYq-o9npdnEr_l1QcjkZSdscKRYlYwtrB1DOLGvAL915J8MM-daGUHVg7rqlN2gOJ0BpqpvpVpDzJ6PQGTxim8tBsMM6fx9UvBrAN53Ge4lJ8BrBDFaGaXtSK6g57_6vhNUbg7l0rFjoll8jnMTRgGc9YC-mv0C8wS4kns4VSPInL5pzZ-CkqKZZD-k855GXxVuj7q2bf18UelpWka9D1yYZ80Ggk7dvNNnmizioWAwGmXR4ORRQi7oKYL3795HQCFg7S7_rEcbNT4CqIZyaiKtQs2mYKCodXbEn4QTINzvBtbdkv5_-MqjXOuylp8mfPLuczIM2VL6H9nwxDFUmgEBxMucbSe2T8ut4aoPmXgw3-wosWgbP3rA5S_gdFO-2Ez8I4g8gelgViAOJKFJephr4py0qcJojd_cw_Hr4nksPMqYvMYrqAsPOo3tj1JGlaOA3sUgncdyndwxWdfXO5KRCsCUrcLdbC7B2gGyL8kW1wrRHq-iFMJIkYbIcQVyD59pnF9qRQ9CkOq3-KP6xtBYJltCNeLY7P7Os_6ooLQW9UyaX_27_H87cOBRZEyxvpj6C10UpwVhXsgOeNo67kHiecQISp8A9E_aboaGkz28SxiMzArABzyx5VqGHZ5RZs2e0q-qd0H3fkG6yhJOJlh_uv-Y-93tpONLEoCNN758yFfXjx9eyt3pFnGSBZFs-JS_OIpkf9-FKKywMW35NRy6YfURQ656X64hmNNNnBgnGwMqyxMMPR9pWNf_V6jihPKb3ZLSphppxMLdTiLv5RrEP2zOMpSIYiEjjjL351PhM48ngbeYLfkc6k0VQUpEIbgbqeDdAKYfAw3y7CdLaFpUEi-Al4T21MwqdZ0qP6ZzfBRF0NHZHbvi65H7Q/
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.176.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-176-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
content-length
43
content-type
image/gif
bimp.gif
c.4dex.io/ Frame 6E53 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.4dex.io/bimp.gif?adu_code=div-gpt-ad-1472565425637-2&auction_id=4lpl94.yv&bid_id=33e626688e88151&bidder=bidswitch-sportradar&browser=chrome&buid=0&buids=0&category=&cpm=0.1689&crea_id=409_19621&ctry=DEU&curr=USD&deal_id=ADAGIO-SPORTRADAR-WW-SPORT-2021-08-05&deal_pcat=1&dvc=2&environment=desktop&h=250&lzy=0&margin=0.1&mt=ban&net_cpm=0.13512&org_id=1161&os=windows&partid=2021102402&pgtyp=&plcmt=ban_atf&pn=1&pub_id=10603&pv_id=c7240315-035f-4612-8b7f-63ccef855971&rpmadc_smpl=1&rule_id=1192&site=fakty&sspv=4.3.0-do&subcategory=&tiv=44&url=https%3A%2F%2Ffakty.com.ua%2Fua%2F&vr=0.1&vsbl_thrshd=0.5&w=300
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.81.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.81.95.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
alt-svc
clear
content-length
43
expires
-1
view
googleads4.g.doubleclick.net/pcs/ Frame 50D1 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXjkHKT3S6JqyviyJ5V6NezHKsbCCZMJYRz6cWAGIhsEmqOkyHo2GLIUWWUV3LeyAtftuK9lcRCyQWwgi8vfzZRUNF9w2k8Op56WgMZZIjRW48xK7o169tFJQXpN6hl7uoo3ALcJKAuNHBy7P3&sig=Cg0ArKJSzDoKJAqPpkvLEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=237&vt=11&dtpt=236&dett=2&cstd=0&cisv=r20211020.25252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=81.235;sz=300x600;u_sd=1;dc_adk=3346616624;ord=kfttm2;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Ffakty.com.ua%2F$0;xdt=1;crlt=en'2TIco9G;sttr=39;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
server
cafe
dv-measurements1800.js
cdn.doubleverify.com/ Frame 6755 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E0B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg0ObScJ0YfH8OZ-KjuwPiMyD2AkAAAAAOAHgBAI&bg=!_v2l_bnNAAbUs_yW1LM7ACkAdvg8WjrPy2GAd1FkbPTGzsmo7czzA2tTIfh9K4JyN4AyzctHct_VDwIAAADnUgAAAHJoAQcKACvEUpKxXuhzRp48wD2YaPFSBWRWsWeNWqEfvztgAtda3dfZ7KTqSy7qK8enmQMZuZKfTxm1SGbLaRcovB-mLpWnnYXUaCHtE8SFuOF2fxVsa8-I-zWsYTq9y7wjT966PHRfEe89hb185Ui1QFzNuIJ8UT075-lXiYOxD3AoHhFVx_PXHA9Wc8OsQeR3M42iu8XPuq9NUmW-_hN6keRKWV52q0r1fdRVcP7EjR10pFMXA86aQc5m-xMVNg1NAHW-aeuXF6PCPteRZY6ozZ-8t3Rm8WXHoryeAiyTQiZTQLCTZQhTGfleqwFEDeOx1eL8_ASaYCWjbETGgeVx0bYw8bV2KCpbohk3Ei89Iu4hZnxub92M9aoB9uji3-_EhRfI52NavZRy-ixGhRbmLb-OIwVyKMTuyA67IcKYrpx292TbI6iVvhLf260xRzFKuiq3fY342z6lSgTlAT6V6GFEWv7l0D6UuAVllm7aI0NORVN79D5ykoOZyvKgUivAoBo1QDr33EcGgOwyVH1GMFlRsemkxYQwIdLmNR1L5Qtzttn47vAWeFRYFoqvGnF-QX1YzA_zNnBMC3aCS_8t71GYdDlWiL8i9SqmAJKUENCRF1-eFzskUo2qThez699Bb8PJaZDxS8SqnqNqbFgwn3MF0kFzle2ibgixSBSGj04aqoWO57zge7m2oDaBSoDa1aO8kO8ex3hxhdpBaht8lUqw7qi5kXCMGZymzNpqlg_CdmBDcLhX17s_lVn-f1IKJ-Lm5rfpg66Mf9HJcZQv259AIYCx3CHOWn11a9YYRN2zNyADKlFZqA8i_2PmhXZrNHFPsFO7WKpyfULqahWZo1qhgGnC2fXg0fwwpDoNox1LbozT97lA3Lxx3zZtIqSSbimnDwL6KsIvwAGK3aPutDdfFCJUhqFqeXzm56lGcHJSSasaegITDNvrnD1zKcKqQ4q0i7x0BgQiu3-_0pN2Acr6p9WAtXBTgOGCL7LP1s4tJMqxtV6YxeGKo5YzxDBTJ_rVrEAuVCXpB56XTR1jjqSqEyiIMqnC_TXI3U25K1ac94EKqlEoeBe9eNYyasJmHGS34UrhpbFTH_nTVqmBh7xHfoIr97LUCSvTew
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv-measurements1800.js
cdn.doubleverify.com/ Frame 9C13 		495 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements1800.js
Requested by
Host: fakty.com.ua
URL: https://fakty.com.ua/ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.109 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-109.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Oct 2021 09:46:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fef5397bad71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91601
visit.js
tps.doubleverify.com/ Frame FCE7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=139&ttfrms=20&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=578&ddur=8&uid=1635041866771616&jsCallback=dvCallback_1635041866771534&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=50&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&sdf=2&dvp_epl=267&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://fakty.com.ua/ua/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0jNsVtZ3bkCnXKx4enWMm8R&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231608&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=442573157.9504115&dvp_tukv=263019960973.4209&dvp_uuid=1069761493.3343345&dvp_strhd=0.3000001907348633&dvpx_strhd=0.3000001907348633&dvp_tuid=121508841991
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
44128c1c8b4398c91e545606ab7357d657e89abb6619493f361d5e5e7d12bc4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
visit.js
tps.doubleverify.com/ Frame F40C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=145&ttfrms=4&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=601&ddur=8&uid=1635041866787917&jsCallback=dvCallback_1635041866787662&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=9&brh=2&sdf=2&dvp_epl=267&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://fakty.com.ua/ua/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0i8PL5ZCo27tV76TMSskoGX&DVP_DBM_1=1861733&DVP_DBM_2=22911758&DVP_DBM_3=56620809&DVP_DBM_4=327231221&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=21321694427&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1876782.6259534594&dvp_tukv=10979267035.492584&dvp_uuid=3246227039.483772&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=81340496726
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 /
Resource Hash
bc2ddc10513d713715b5aec59e9db77aaa5e34c416ca480c685d57c7ab0ff96d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F
6517501.fls.doubleclick.net/ Frame 46C4
Redirect Chain
  • https://6517501.fls.doubleclick.net/activityi;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2F...
  • https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~...
416 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMS7G77
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
af83ea416132c93eae2387dc52fd11e82ca3f8ac0c732308f2db71a617b76bb4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6517501.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmt5QsSbQPZEpCCxh8L70iT-N-9ONCzG4m7zOan266Qvwy6S0xYSitlvCDq5uE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 24 Oct 2021 02:17:46 GMT
expires
Sun, 24 Oct 2021 02:17:46 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
336
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 24 Oct 2021 02:17:46 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
associate-segment
segment.prod.bidr.io/
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1
43 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.123.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-123-64.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:47 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://segment.prod.bidr.io/associate-segment?buzz_key=adtelligent&segment_key=adtelligent-8&value=&_bee_ppp=1
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
/
d.adtelligent.com/segments/ 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtelligent.com/segments/?id=115
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.174.10 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
VertaMedia 1.0
Content-Type
image/gif
Access-Control-Allow-Origin
https://fakty.com.ua
Access-Control-Allow-Credentials
true
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=7200
Content-Length
43
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=822090561&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffakty.com.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D1%81%D0%B2%D1%96%D1%82%D1%83%20%D0%BD%D0%B0%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV%20%7C%20%D0%A4%D0%B0%D0%BA%D1%82%D0%B8%20ICTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adBlocker&ea=inactive&el=%2Fua%2F&_u=SCCAAEABCAAGAE~&jid=&gjid=&cid=437685793.1635041865&tid=UA-126238864-1&_gid=2121756954.1635041865&gtm=2wgak0KMS7G77&z=740712899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 07:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
68549
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg46LScJ0YcyFPJLZ7_UPg6CP6A4AAAAAOAHgBAI&bg=!MTKlMnbNAAbUs_yW1LM7ACkAdvg8WlAHJWN8XNjJH-u4Aw-WKnUi5lHT1Pbv0j4Eui_RYivIsdUBZQIAAAFcUgAAAG9oAQeZAyK5FT_Z5-3H5HyfOJN62_iS0majDPFIMoNfgBc6j4zc5zNLroimLHbrEi7nQ1mvf8yimvV6OzzRFbuuLoG7VEaqQINUncltA_llYSBZhz6XUDexEgMnKH0kkNf6pi3VgqdjF7I5cwoLv9UT8fvV6IXa0rgx0JtozG_saunBVOhNyRZH5Sk1MTh-ZzFozyHaSlY0CTn9nyrC9FVC0Hz7XRDIWGjwp0HYGAdVmxr2JcWDBLMMo5ZwH3GAEUQClKDdM6-3FO4gblbPi59cY17fo1lOE8vJUDkVnw2ZMASP0YW3tV268XmdguzD1shkxALDuburgmKec4aWlFtEh-yTNl5clFy7MyHxXL2QTD3kvTWa6htE_tE57A7HajHXdFnjQXG5VzD3w9Tl3ZCnxiJty7JrLCpqbaXfFPfDuHfbODa6sEYoa1lswPjD4dfcWr6BTEiGQXpSWHTDiRG9KzX8dMsqlgSryk1oTdKEFc9EdmhezDqt9K5LgdjiHrZjhypxKt6i_JqSuWQCt5GHBuckXw2z-6A63QAwjL0tqR21FUm1fsqLAhmQ5pB_eYDhjrrPdo5YtTz-PfoMmymKqKOAPC-PhXfloPlhJ3bBRmBxPRxDqWoYIcMwxhUrTIljelp-Tvkl8m-gRyGef1YbDUbszSSzBkdZd9Z773lZVvtkLYrYQFQ8d7Ti-5G1MlSIXGiZzKbdvg7UR8JCqwmWpJ5YlPYmt4IkeUzKuQGtI88CBldaY5UkAr6eFyPftis4pMP5QcSDJP4FUhaFjLT7ijR0TOD83bcMQPVKBCnntvSetRrejG-jx_I9CtvWOodbUgXIGG-bdU3E3XEaKOy-_2W-YIDS2h0vM_Xy_olb-NnSOCqEf7tnrfHYHiSMbvjTdH-L1jM2FFda1rU_EnkViaJEsT0IJjUVTfgTINl-z2urFnniQvMGXhPg-EVmNzvJj0hNyYPctN87tWMq1mVfWLnq-ols3bcS-HmAHzjS9elxtiJ7u6JMdruRsVcnGw1wz2kOsh7BrpHLTC7TBaeTKkTajUO9SM9gpQ5xnMpi9NXhX8ad90z9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 875D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1&google_push=AYg5qPLh-riKwnF3-DMLFztt9ygJsOOPQQrp4cPoGYfwavN3CCJXZjH-2x7E5VbVP0n88o8pDwCpi3-RdmDYs7iKd3KRGlvGAO_o
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM5OTY1MTI4Njk1MzQ3ODQ0NQ==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.116.194.21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
presentation-atl1.turn.com
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEKyXusVlXPcRqRUmQb4GSLI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 875D 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFm9rYIK8VNrHy26g4-zeOk&google_cver=1&google_push=AYg5qPKer3SeG172sa0vZ9bwWnhuG-XBqjgXjyZKjtTlhmT9aewD8kRVjsE9z5MV32aQ5hOfoPKRYUQPuIu9LOOcZqixCgbW2oq6
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 875D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEGk7iFPV2t4KwqoqH-ayuIA&google_cver=1&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8lt48hGXSygBq
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8lt48hGXSygBq
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=AUgkwoS5RoilertJR_3LZg2&google_push=AYg5qPKtXAxy1nvl2EPC5BOalftPuloKMv_QIHaNU0-Oq7CZZE1FQo8Q_a_0TEJygOqTXJbIcBT6gT2A674t8Im8lt48hGXSygBq
x-host
tde-deliveryengine-production-7f8fcb5db4-cd9cd
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 875D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESENQ_14Tk2xAGoTdyPGWKXUQ&google_cver=1&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc6JKg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc6JKg
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKjC1Yqkl-xedtE7yG32rH_rwRSOzjUv_jHvdaWNENnsTnNlS1j5WHO6v--oSLmxVHnNeEw9hPvFUFDfO0OzG8Q7Kc6JKg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 875D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEu0zTT7tBAFGkfh2gjZR04&google_cver=1&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEu0zTT7tBAFGkfh2gjZR04&google_cver=1&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NDY1MzU0MDc1MjU4MTUyNA&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NDY1MzU0MDc1MjU4MTUyNA&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx-jbSekDvnnHW6itTmLTm
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4NDY1MzU0MDc1MjU4MTUyNA&google_push=AYg5qPJembF33R7K-rzJ1vCipuPRK9ktn6dLsEw9wI34JdHHryferm1gU7tt7xRaDweUIThX7nRh2ZAx-jbSekDvnnHW6itTmLTm
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 875D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIiAhjbkJnDDpmkwkwCOFws&google_cver=1&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOH...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIiAhjbkJnDDpmkwkwCOFws&google_cver=1&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI&google_hm=78a57c49479095fe504ac53e
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI&google_hm=78a57c49479095fe504ac53e
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPJ-44uHCRkPl3EE3frE__giZb451y75RTvRWX8suoIEMjSk74JH5snd_8_qPrs56PvTr42CfjMqSNdxb4NOHRDygv4d1PI&google_hm=78a57c49479095fe504ac53e
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 875D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEADkKwSsukd4Bn6-YIl8inI&google_cver=1&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmgh...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmghHrN3ozOxRYw9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmghHrN3ozOxRYw9
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Oct 2021 02:17:46 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLUU_nVKry-SOZxqEXJwg-TicFR7Nz4OxDh9_DO_pLP1QvYILy_N59JzXdZyXDGwF_D3Pj-ToR_mDHmjmghHrN3ozOxRYw9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
KD5lwUgTz4yZ4WwugbwNifjo4TlEOcl6rDp56RZ3c0UqNFxJTxG-ZQ==
attr
cm.g.doubleclick.net/pixel/ Frame 875D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LshPE030DvWY5GkhyLDhCUwij9kb8K-LREgLHwJI-sGIYVY_2XgDiB2wjEbmUNE754d9g5
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 045C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
visit.js
tps.doubleverify.com/ Frame 6755 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=126&ttfrms=4&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=578&ddur=8&uid=1635041866850804&jsCallback=dvCallback_1635041866850746&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=50&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=267&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280621528&crt=156986859&btreg=505086692&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=442573157.9504115&dvp_tukv=19754944836.43434&dvp_uuid=11421925469.438608&dvp_tuid=364733760048
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
523cc2e07734af5280fd9977203a3dbec5c2f1c128fe3ca9a1dbf93c09010d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
visit.js
tps.doubleverify.com/ Frame 9C13 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=119&ttfrms=4&brid=3&brver=93.0.4577.63&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2Tar9EEADTbpTauTau66f%602255abg2edabbc7g556fd72f7%60d3%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau72%3CEJ%5D4%40%3E%5DF2TauF2Tau&srcurlD=0&aUrlD=-1&ssl=https:&dfs=601&ddur=8&uid=1635041866859781&jsCallback=dvCallback_1635041866859284&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1800&tgjsver=1800&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&sdf=2&dvp_epl=267&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280584279&crt=156803605&btreg=505086629&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=1876782.6259534594&dvp_tukv=221633618270.2847&dvp_uuid=1344213077387.0696&dvp_strhd=0.09999990463256836&dvpx_strhd=0.09999990463256836&dvp_tuid=433941319668
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b22bc0cf36519182813e49ab683986f44df53eee72df1d747fe448004e3500f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
10/23/2021 2:17:46 AM
DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
pagead2.googlesyndication.com/bg/ Frame 6A25 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 22 Oct 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
98350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13408
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 22 Oct 2022 22:58:36 GMT
/
google2waycm.netmng.com/cm/ Frame 1649 		0
0
dpixel
cms.quantserve.com/ Frame 1649 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFm9rYIK8VNrHy26g4-zeOk&google_cver=1&google_push=AYg5qPLcOWRgH-LCPQplPn6dJYNjq5Hl8ivyyaRmF2xP-A2WUK4HXIw1eL_1etnKhxIUh2Q-n1HdkOHJo8iZwHqJwf6FLUWw3aiVyw
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1649
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEHA7bFYUHnT5MP9EvUnABcM&google_cver=1&google_push=AYg5qPJBcSBCrKSCIdhjOLYDEwLkFMYIn3kWOp_BTZ3CyClbYFO30GS0Xeun1_6eNIYvFZpm_ZL6Ogu...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEHA7bFYUHnT5MP9EvUnABcM&google_cver=1&google_push=AYg5qPJBcSBCrKSCIdhjOLYDEwLkFMYIn3kWOp_BTZ3CyClbYFO30GS0Xeun1_6eNIYvF...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=CARd_jwATCayprZT_6CHUGF0wko
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=CARd_jwATCayprZT_6CHUGF0wko
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=CARd_jwATCayprZT_6CHUGF0wko
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1649
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAcV47Nw0We1HN1D8IzOBHM&google_cver=1&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkF...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a0f4b49e-dfc8-425f-8703-ddb73350e265
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a0f4b49e-dfc8-425f-8703-ddb73350e265
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=590374f9-b6f8-48ec-a2ca-e6cef7a052e2&user_group=1&ssp=google&bsw_param=a0f4b49e-dfc8-425f-8703-ddb73350e265
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkFeKk0weiZqQ&google_hm=oPS0nt_IQl-HA923M1DiZQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkFeKk0weiZqQ&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK5kkeRtpXryyMZZvPGBubDDEvRSDxw2-sqmJQgKAAwVFTUTjlLTnR4I_G2ahsWZHgzoGU_uX2KV_o-ES11wjkFeKk0weiZqQ&google_hm=oPS0nt_IQl-HA923M1DiZQ==
Date
Sun, 24 Oct 2021 02:17:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1649
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEES6AvOtu5SYkfRTB0rDIFI&google_cver=1&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TFBMRDktSC1FSUVL&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm_IZXSmuYpa9eCdS8WG1NnvxzimA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TFBMRDktSC1FSUVL&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm_IZXSmuYpa9eCdS8WG1NnvxzimA
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0TFBMRDktSC1FSUVL&google_push=AYg5qPIltcjuf-Wiz4kP_uCx0IyLzLjCwShNNEaDzaYQRa2ajQ9YzFi7TNJiLm3TzR2JrFFmOYm_IZXSmuYpa9eCdS8WG1NnvxzimA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1649
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEH8n3RdvmFYgx7sMZoGvZ0c&google_cver=1&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxMjgwMjc0NDc3ODIyMjg0NDA%3D&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxMjgwMjc0NDc3ODIyMjg0NDA%3D&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTYxMjgwMjc0NDc3ODIyMjg0NDA%3D&google_push=AYg5qPJacvMJGBvlUtPUKHFjUc4H1t1e1Jvke3RMiWXKtROS3Rdvgwc_izSylUNVsXn4aCe_hCZ2e2Beg2KrDyv2dUcsb-pPHp2c
date
Sun, 24 Oct 2021 02:17:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1649
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5V...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEGV8-vluJuGjDPbJ6sssc-I&google_cver=1&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5V...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDMzYjE4MC0zNDcwLTExZWMtOTJlZi0wNjNjOTUwY2QxNTY%3D&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDMzYjE4MC0zNDcwLTExZWMtOTJlZi0wNjNjOTUwY2QxNTY%3D&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Oct 2021 02:17:47 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDMzYjE4MC0zNDcwLTExZWMtOTJlZi0wNjNjOTUwY2QxNTY%3D&google_push=AYg5qPK7sBqxul2EzwWIap2KkMdRNexlGhnZEB-8hix0sIZ6SjMK5Vn7ECjy7HP-1xR1t6Lf_hQncW_vlzMayi6i3RZgvHWPjtTwmD8
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1649 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbvCHiA9YuNrwVNEvuJyHv7F3MSQxa2ExtWGVf3GJSIylhAGxEFOZR4Vk0OlYJ1dImwcf6QA
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame A027 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcWDLScJ0Yay5PJDO3gPk0JzoAwAAAAA4AeAEAg&bg=!y8ilyIzNAAbUs_yW1LM7ACkAdvg8WuctbDVTUD-nIzPsWmg3qNI5KWX6Do9qXyy-tSIRjHuX-k-l5AIAAAGvUgAAAH1oAQcKAEMAvPrFAPRzUTiPtsk9T6C5CjtSj_xH3BXxgVGuzgjAksej4IQCxoBfRTjGr42YL8lFc8TtKmfCC9HFsTPbovPuIlz5mQMOy5NFkBzd0FalVMWdlOLc5aV65n3vWZCJFglA5V0JhugXK10vjM1XP8dxYGMY0wVzsLXylW96r9e8rDxkn2z9NyCAj38pA_kuo-3fhC5lvQX7C7X1vq1OFhwjN2Qhn6Tk9HMb9T78YNjMwTU_fgGElzC5KxgA96ep8l3D4Ar5TcZgPAcSq45cPOv1HujaQ4Q9sB7wuq-aGI07FxIjd0rT7imISoblLLDeElroLLiCynp_CKCLA33xUADBTHwR-dSN7cUltnHP9pm6STaxFZJ0snqS5TNk0woQUYYHfFPr0eTKvYYMaN1navNi2lL2awvVBsC9v3-OfYzZoEFKzCTAeoRRbucK4GYAlazs1p65QibnAHxfS0cjZ6dgKchDY6Xq0xUPY0z0q_LkFp9ngTLUMF-HD7tAhEMk_2VqLp3L4SLE-if2FnoQdlWaKfOpuWfjtQ1RdS5L84j3a6QOp9aiXfozAdJSUXU2PX0YvSAhPgHqDubPLheUq4VbL2QE0vLas2PLdE8RtP_m4XuQlqwG4krgLFUyRhc9COTw-nKNiB-iO41IHobqgGXWHGZmF6G_kTXKLleK84Ek16pNWfP7eqvbxCOADvKYwD-C4TjpJylh7GdF_Yspizfn6thffcqgV5iuEs8D5lxQAh22OqPIUyZI0RUK3diRNlJTH3IOjBW6QjAPr2wRFXnbqTHrXAywcD7WjmP8GktRSZhwMS-Y7QlyGk1va-xyfVfFBsteSKxJGy-3dyk58nKI4QxUlfDeEtBAyubD08swzazPagIMuIYPIPj76pbFwONp0XOQJ-Des3K8vb-26zQdLqAAz9AWl7VeSaBsuyYOyNUqaQK787Rbkj6r641TzBMg_2lVd-uC0uUOq-sWtSIvQh4aeueYQuNOju5yA8PHLC57L3CjKoowOcI04_S3lzHSPcbnwam-4-dHBjqFjWOTzReA_DY6D71ri-Q641sybDla-_r3-iA6RPM4moDV6qYaw8pcHvNsbGk0XoswAIQmLcaL9lDPl58MAO3ii5yA4K53ebo
Requested by
Host: ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
URL: https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.gif
tracker.growthbuddy.app/ Frame 7310 		42 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.growthbuddy.app/i.gif?i=DV-03208677192456309823&dgr=display_programmatic&dch=Sportradar&dca=6380
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.194.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-194-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:47 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
usersyncs
tags.feedad.com/1/ Frame 7310 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=58a8e0ca-af7d-4a65-8ec1-df7b59093f72
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.21 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2615.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cloud-trace-context
683b1243de7db3a68f047bc8b66e19a2
cache-control
private
server
Google Frontend
content-type
image/gif
date
Sun, 24 Oct 2021 02:17:46 GMT
content-length
42
expires
Sun, 24 Oct 2021 02:17:46 GMT
merge
ce.lijit.com/ Frame 7310
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=58a8e0ca-af7d-4a65-8ec1-df7b59093f72
  • https://ce.lijit.com/merge?pid=26&3pid=a0f4b49e-dfc8-425f-8703-ddb73350e265
0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=a0f4b49e-dfc8-425f-8703-ddb73350e265
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=a0f4b49e-dfc8-425f-8703-ddb73350e265
Date
Sun, 24 Oct 2021 02:17:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersyncs
api.feedad.com/1.1/web/ Frame 7310 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=58a8e0ca-af7d-4a65-8ec1-df7b59093f72
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cloud-trace-context
5d3773bc9e60a1a157c95fe4a4887f98
cache-control
private
server
Google Frontend
content-type
image/gif
date
Sun, 24 Oct 2021 02:17:46 GMT
content-length
42
expires
Sun, 24 Oct 2021 02:17:46 GMT
youronlinechoices_icon.png
eu.sportradarserving.com/ Frame 7310 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/youronlinechoices_icon.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.46.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-46-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Cache-Control
max-age=86400
Last-Modified
Wed, 20 Oct 2021 08:07:36 GMT
Connection
keep-alive
ETag
16347172561319
Content-Length
1319
Content-Type
image/png
EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGh...
eu.sportradarserving.com/mimp/ Frame 7310 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/mimp/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.46.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-46-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
servedby.flashtalking.com/imp/1/152991;5601749;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist300x250/ Frame 7310 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/152991;5601749;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist300x250/?ft_c1=&ftOBA=1&ft_domain=ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2F&gdpr=1&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=161145.58235790933
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app18.frk11 /
Resource Hash
9f3dc4f48a7a0029c81d6a46c1076c5024244da17edc506aef3e4c253398f06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:46 GMT
Server
prod-xre-app18.frk11
X-HW
1635041866.dop133.fr8.t,1635041866.cds157.fr8.shn,1635041866.dop133.fr8.t,1635041866.cds203.fr8.sc,1635041866.cds203.fr8.p
Content-Type
text/javascript
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1843
Expires
Fri, 01 Jan 1990 00:00:00 GMT
j-5601749-3529778.js
cdn.flashtalking.com/xre/560/5601749/3529778/js/ Frame 7310 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/560/5601749/3529778/js/j-5601749-3529778.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/152991;5601749;201;jsappend;Sportradar;DESportsFeedSportradarWhitelist300x250/?ft_c1=&ftOBA=1&ft_domain=ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com%2F&gdpr=1&gdpr_consent=${GDPR_CONSENT_78}&us_privacy=${US_PRIVACY}&cachebuster=161145.58235790933
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
5cc4622c9470f0c03160dd59420edaca77a3a1f6b9cbb0248fb70e140d2b4e7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Sep 2021 14:53:12 GMT
Server
Flashtalking (AKA)
ETag
W/"856a0d393aacbad08316a80a141bf255"
Vary
Accept-Encoding
X-Varnish
1028271516
Cache-Control
max-age=384
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
23920
Expires
Sun, 24 Oct 2021 02:24:11 GMT
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Oct 2021 02:17:47 GMT
dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=*;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F
adservice.google.com/ddm/fls/z/ Frame 46C4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=*;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F
Requested by
Host: 6517501.fls.doubleclick.net
URL: https://6517501.fls.doubleclick.net/activityi;dc_pre=CLC6qs394fMCFZSS3godEcwDIw;src=6517501;type=invmedia;cat=t4azj4zi;qty=1;cost=fakty.com.ua;ord=%2Fua%2F;gtm=2wgak0;auiddc=1067915057.1635041867;~oref=https%3A%2F%2Ffakty.com.ua%2Fua%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://6517501.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://fakty.com.ua
Date
Sun, 24 Oct 2021 02:17:46 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
syncframe
gum.criteo.com/ Frame 0615 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fakty.com.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=fakty.com.ua
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fakty.com.ua/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2333
set-cookie
uid=875bb6fe-2ab0-43e1-8a36-0b93a8d9cdcd; expires=Fri, 18 Nov 2022 02:17:46 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sun, 24 Oct 2021 02:17:46 GMT
content-length
4683
publishertag.prebid.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:24 GMT
server
nginx
etag
W/"615af4d0-1535c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Oct 2021 02:17:47 GMT
iframe
c.bannerflow.net/scripts/ Frame 90EA 		1 KB
986 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601749/3529778/js/j-5601749-3529778.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903

Request headers

:method
GET
:authority
c.bannerflow.net
:scheme
https
:path
/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://eu.sportradarserving.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-type
text/html
content-md5
O1ygtjalgtxvBklW+VAa0A==
last-modified
Tue, 12 May 2020 17:45:55 GMT
x-ms-request-id
7b7d5558-801e-0098-7b7d-c8cd47000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6a2fb5f5edd3f9ce-PRG
content-encoding
br
score.min.js
js.ad-score.com/ Frame 7310 		309 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601749/3529778/js/j-5601749-3529778.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
/
Resource Hash
894c264313b9111a1f100d79b9e92ec8c253a0942508d14eedcada6bb192c24a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 22:04:41 GMT
Content-Encoding
gzip
Age
15186
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sat, 23 Oct 2021 22:04:41 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
mkiV-VAB4nYtUEY0EuhPWmNs3ZyU8Kz8z3uf9HLR-YTU_vkauc1g0g==
Expires
Sun, 24 Oct 2021 22:04:41 GMT
moatad.js
z.moatads.com/betwayglobalftdisplay906661272790/ Frame 7310 		298 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/560/5601749/3529778/js/j-5601749-3529778.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c4eacfcc5aaba64ab7a309dd1fba55f10547d422d299c967e12b26d2a953db72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 15:11:53 GMT
server
AmazonS3
x-amz-request-id
5TP91M9QAS1BENYT
etag
"1420adef9d369f9b3a2aeb9f2f7d6946"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=40603
accept-ranges
bytes
content-length
103047
x-amz-id-2
9d/UIFu7yQgfSvcrNWHo+N2xndC2butjAfjss8CgfAKxHIjGZ8blmz5SKBahx8ihe3n7XmQXS1w=
iconc.png
secure.flashtalking.com/oba/icon/ Frame 7310 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:47 GMT
Last-Modified
Sat, 12 Apr 2014 19:14:32 GMT
Server
Flashtalking (AKA)
ETag
W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish
561592233 535945524
Cache-Control
max-age=2012245
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1308
Expires
Tue, 16 Nov 2021 09:15:12 GMT
json
gum.criteo.com/sid/ Frame 0615 		454 B
534 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=fakty.com.ua&sn=ChromeSyncframe&so=0&topUrl=fakty.com.ua&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fakty.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9ed678762f29adc6d5ba32e6b5531c5d7dca977d265c60c80fa754eadebb1106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fakty.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 24 Oct 2021 02:17:47 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2128
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A25 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWa2HSsJ0YbDkF5LZ7_UPg6CP6A4AAAAAOAHgBAI&bg=!Y2ClYCTNAAbUs_yW1LM7ACkAdvg8Wsw0XubDyxsYnubjzy0E_Nu4a0eH7A5naQgSgtKrOKiNfyZo1AIAAADoUgAAABpoAQeZAwHs7-d9hZj205VMkXoAi0soKX8nFVDcBI0fJXkbamgrLDMokfrVd0mpcEQEQEa_UsQKbsR8Ttrrq7Yw7eYbpLznKeIxtx2mZbAv7eQU-JI7D4b3y0TQhO5MPvSXvX8YR9aL1EzMqPeetsLtnv-0r7sf4d9zK2gWfoGA4sDREBsplM6f-QCp8cPd_mKevCVylo_EpMnJM0VOU1c_oU4SzckFMBaXNHYxuIloCiS06jWckGcCszNuHky0mM3b4SVh-c0zdwG5tdceLvpDCsaYOjOXOrcuj7vqtMa9om96lhFQk3pqhGs-h3I1WQ9IJlSg40tBa1_LF8POKa2Yl1vYgiL3hgxFiSEyQ63v80f-eJ7ta5tLEnvOqzOMVW1DVy0OtXeA2YO5IsUmxG9X5iFnnrKvdkaKivstHSKVl7UvD9xDeEkxTaTIwb6bxxkiZJoJ78_6OiNK1F-7qA6KOBOMvyF18gwPny7Ux28n_5VeDyQyocSIf_R0UDqMyJ5Pt8wKbW56PoHY8NPCv2dbecc5LIBupin6EaE7x55cWW84YvR5JPL17VSOpm3j6oYmiRru6HVUJzrvaORG5keL7p-cjQsbrvUIUS5m6lfYl67tEbQvsjJ7Fkhx7Psd8s6ht5BYZ6_di7mL8Zd1TcBdo_s94ehXyGFLxH__NbHYpMZa56VYMnMZTCRk0zMKdUPgYI0WFx8FkgmCIsvhsndgw2zuX4giwyymVxyP3h74p3pMiG7INkBNDhE-e0CFOgj0gXTvOvapFX0ioUNrz1I0NN7FGcW_VVTSkD9MlgmqpWAT0xrLbXIZYejfO3LU-DmrwwT-Uime8s7w50LbFc7nXQSticW2Nue7P5M_4xTKRxjg-nzWMHOZ-lRfA_QYZ1wX-xt1Mq2csQU3X6eXzUB952VMnZ2A6cSF4EMwixRrbZElw1-tyUlaWSIj2iupKxcCRyjj3QpHQ64v7gjUj5Xrfi6YXm3-DjdfdcfBUGrNqyNAdfEg5polY6VnCxBddcb2DCnCT6MN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 045C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ1W3SsJ0YeX3F5aKjuwP6vGl8AoAAAAAOAHgBAI&bg=!ammlaS3NAAbUs_yW1LM7ACkAdvg8Wl_MBjXwVjIHyfv4LIJma5QdnYxZH2fNUGD5F6VZCd3Tuji_uAIAAAD-UgAAAAxoAQeZAwsaJ_y4RfcFBILIxnA0SkB38Elu23Qlg0a0f7AkC1GuOmPuVPsKnZ6Qf3LXU1oEFN25fOveFzUfcq0h0p3Gn9qoQQUWXQ5BFySUtGcLFKNEfFv2y6OfZ3PKWiva2wwlnivJUAvWwTTyczKhiQls_eRaxMkQMHlox3Eh-rWyxOCgPytSAvdJbZwEZFQ1WeI7gFR6xTmRsp4gn-X8Kw7gclOvA_zyJa25oliNyxtIwZxbF39pei_w0XkPH6WVoG8EM9Uhd0gkmgzqYEhh9OKqPA5HZ-NueW_b_kxOme6uh6z3d0Lf452pioZ_cc2aWgADW1hlRY6XxvY_TrWVsmPL5TpXjm5_4Sjlm1vFWAmIBwHGkPWxd1Pe9yIk0egePuc4jJniMSqKojhqHOTBr8dLihCtmxGvivZ-Bpw9MUE0B5OuFrWjt0wrnAxnG4Xfz1blPBCEcd9Ue-HNeHmaXsx1vFw-NTcvAFR07KWqNloecYzGUXewvL96yRhR2gsCRD5LXmla9KNLwjMhYsaBGOTiUKfcBEGpPubIjmHcECH2R4OQ8ttOWc9JF-VFrCb1xf0nFl6AYPFu3zzY0Ojx7LXdWLguAq7hpn5WwKNF_RcIt4WG8OJQoTYZx9QIFwkxQU0_u5Us4elfbuHDTsS7sxPhGf8Y2qNvDRCEUomLJFVS7aRG0AdozgWQlV24Ojq6nzicaXRy3sXuSvCgRvSTgtVUYzhCvlP-i7s-4r2iJ-pPXn7Gqm_tZv6GR56tUNdIoMfQPyjFQWgHHmi-0_PA4u_q-yt69HjS42Ifmd_VcbhG-k2rz2MVD01eiq7JOhwt4EeDIA7oPlY3LAqrsCPBySRmgfp9x3CgggNoX90jt0cdgBPfhkO4zkuRbHX7cQbxc2tN3u9Y7998xfOI9MJ4w7kbv8sawkTVntVJNgQXjNx8fiw4AXZMDJFOevKtLuoAgzWDi8sQTxfNy82lH1KYhuud3s-6uSAzxqroOFjJkdCZAOaYu30DDU1dN52bxwVguMJUkg-toMju2PYFq8wVYQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7310 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=BETWAY_GLOBAL_FT_DISPLAY1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&lp=https%3A%2F%2Ffakty.com.ua&t=1635041867197&de=273114503311&m=0&ar=fb6a7277fce-clean&iw=665a3d2&q=2&cb=0&ym=0&cu=1635041867197&ll=2&lm=3&ln=1&em=0&en=0&d=152991%3A17602%3A5601749%3A3529778&zMoatMMStrategy=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ffakty.com.ua&id=0&ii=2&bo=fakty.com.ua&bd=fakty.com.ua&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=betwayglobalftdisplay906661272790&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A195&fs=194999&na=101713734&cs=0
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Oct 2021 02:17:47 GMT
cors
data.ad-score.com/data/ Frame 7310 		60 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=tAjrOTtNdSJMzjcLmipPsRhGkblTxQYa-FE7fPshldVrlKDkf03zKFEzH-E0zCOc1lbVTqNw==&pm_ct=e682b8c94ddcb922ff1e893b&pm_pl=1635041867296&pm_td=6&pid=1000791&en=1.1&callback=__pm_glbl_58fiCfP6kwnMAbvFAARS2UoW._gc1&tt=g&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
9384dd9fc80d461454b510f8ac38dc78c212ed3330958e2d52ab07bb6c327a70

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:47 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://eu.sportradarserving.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
60
truncated
/ Frame CB88 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7310 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
6ddb894d-c2dd-4a28-a5bf-f510501dc06c
https://eu.sportradarserving.com/ Frame 7310 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://eu.sportradarserving.com/6ddb894d-c2dd-4a28-a5bf-f510501dc06c
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ Frame 7310 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=tAjrOTtNdSJMzjcLmipPsRhGkblTxQYa-FE7fPshldVrlKDkf03zKFEzH-E0zCOc1lbVTqNw==&pm_ct=e682b8c94ddcb922ff1e893b&pm_pl=1635041867296&pm_td=134&pid=1000791&en=1.1&callback=__pm_glbl_58fiCfP6kwnMAbvFAARS2UoW._gc2&tt=g&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Sun, 24 Oct 2021 02:17:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ Frame 7310 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 7310 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by
Host: eu.sportradarserving.com
URL: https://eu.sportradarserving.com/ul_cb/content/EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS/$%7BCLICK_URL_ENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.99 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-99.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 24 Oct 2021 02:17:47 GMT
Last-Modified
Thu, 11 Feb 2021 15:39:51 GMT
Server
Flashtalking (AKA)
ETag
W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish
341936028
Cache-Control
max-age=442
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
5953
Expires
Sun, 24 Oct 2021 02:25:09 GMT
610a763b724914584bfe5833
c.bannerflow.net/a/ Frame 90EA 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426bbbd7be9ea9e6abd9ee63173b0d50fcfde33a491734fd3f1e4af997e28f39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cf-ray
6a2fb5f7aed3f9ce-PRG
link
<https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/977856/1201197/preload.jpg>; rel=preload; as=image
request-context
appId=cid-v1:8ccc0d93-c9cf-4965-a9de-1823f9df557e
preload.jpg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/977856/1201197/ Frame 90EA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/977856/1201197/preload.jpg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ddc6b2168fc4206d6bde693e44fe3ec45725ccfacae6ca5c32f657b0cd988d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:47 GMT
cf-cache-status
HIT
age
51323
content-length
5833
x-ms-lease-status
unlocked
last-modified
Thu, 05 Aug 2021 07:24:10 GMT
server
cloudflare
etag
0x8D957E204A36783
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
559a5538-101e-001c-2505-c8bf46000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6a2fb5f7fef4f9ce-PRG
cf-bgj
h2pri
cors
data.ad-score.com/data/ Frame 7310 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=tAjrOTtNdSJMzjcLmipPsRhGkblTxQYa-FE7fPshldVrlKDkf03zKFEzH-E0zCOc1lbVTqNw==&pm_ct=e682b8c94ddcb922ff1e893b&pm_pl=1635041867296&pm_td=205&pid=1000791&en=1.1&callback=__pm_glbl_58fiCfP6kwnMAbvFAARS2UoW._gc3&tt=g&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Sun, 24 Oct 2021 02:17:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
pixel
c.bannerflow.net/tr/v2/ Frame 90EA 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6a2fb5f81f00f9ce-PRG
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
cors
data.ad-score.com/data/ Frame 7310 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=tAjrOTtNdSJMzjcLmipPsRhGkblTxQYa-FE7fPshldVrlKDkf03zKFEzH-E0zCOc1lbVTqNw==&pm_ct=e682b8c94ddcb922ff1e893b&pm_pl=1635041867296&pm_td=307&pid=1000791&en=1.1&callback=__pm_glbl_58fiCfP6kwnMAbvFAARS2UoW._gc4&tt=g&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Sun, 24 Oct 2021 02:17:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
v3_266844_811.json
player.adtelligent.com/prebidlink/2725069/ 		158 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2725069/v3_266844_811.json?cb=fakty.com.ua
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/wrapper_hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0087c22fe48679e78168ae8dcf25ee2dc52102fbdb9f0fb55ac1ed2441c1318b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 09:28:43 GMT
server
nginx/1.18.0
etag
W/"6172844b-27976"
content-type
application/json
access-control-allow-origin
https://fakty.com.ua
expires
Sun, 24 Oct 2021 03:17:47 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
cors
data.ad-score.com/data/ Frame 7310 		1 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=tAjrOTtNdSJMzjcLmipPsRhGkblTxQYa-FE7fPshldVrlKDkf03zKFEzH-E0zCOc1lbVTqNw==&pm_ct=e682b8c94ddcb922ff1e893b&pm_pl=1635041867296&pm_td=409&pid=1000791&en=1.1&callback=__pm_glbl_58fiCfP6kwnMAbvFAARS2UoW._gc5&tt=g&v=e6b1558
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://eu.sportradarserving.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://eu.sportradarserving.com
Date
Sun, 24 Oct 2021 02:17:47 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 50D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzjznJ8QwNknPioaSG1gnNM60v64enblgXjwQ1uSBA-CnpamJPb_rSSDXVmEdLKvdGtRdpvukfRaDN-dVLC2DU7GSCNi5A1PQO0ubwoI4TIecdHglqMA&sai=AMfl-YQnPOvey9psodPgJWg-VjXmopt5TBWRibHjIImCmhzW3Q1RCbnFv6_EGtPuMpuQQblCbez1eTuqyjElnj2seyg0-5r8TwFjOjTXWVEt5SInvYci0dtefkD_Prrp&sig=Cg0ArKJSzNZ9-cU_kZh5EAE&cid=CAASEuRozeULtSb2oMKGSSRMNQP-ng&id=lidar2&mcvt=1000&p=759,990,1363,1290&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.73&if=1&app=0&itpl=20&adk=4077173607&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635041865856&rpt=837&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 50D1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEtBe2_Gmd7aiFNeopDb2dhzn0BQxwGlUB9-fmlH4IzsuSnGTDkRr6OIwx2BEdp5A1ugq9xb5TJndiH3pQolL6LvWNpmGj&sig=Cg0ArKJSzAC0ftHDTN0PEAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.74&if=1&app=0&itpl=32&adk=3346616624&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635041865856&rpt=839&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7310 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc.bannerflow.net%2Fscripts%2Fiframe%3Fdid%3D5dc013805badb900016a47c1%26deeplink%3Don%26a%3D610a763b724914584bfe5833%26redirecturl%3Dhttp%253A%252F%252Fservedby.flashtalking.com%252Fclick%252F1%252F152991%253B5601749%253B3529778%253B211%253B0%253Furl%253Dhttps%253A%252F%252Fsports.betway.de%252Fen%252Fsports%252F%253Fs%253Dbw213892%2526a%253DDDR3259481681987463%2526utm_medium%253Ddisplay%2526utm_source%253DSportradar%2526utm_campaign%253DFeed%2526utm_content%253DAlwaysOn&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=512899041&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Doz9O0QsCUp3NAjXwwClNhIVsVBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-prb1JxNzs6uFgA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ffakty.com.ua&id=0&ii=2&f=1&j=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&lp=https%3A%2F%2Ffakty.com.ua&t=1635041867197&de=273114503311&cu=1635041867197&m=569&ar=fb6a7277fce-clean&iw=665a3d2&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A846%3A195&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=108&cd=0&ah=108&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601749%3A3529778&bo=fakty.com.ua&bd=fakty.com.ua&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1069120856&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Oct 2021 02:17:47 GMT
bsevent.gif
tps20511.doubleverify.com/ Frame 50D1 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=9fed8a8218b14218b252cb2788b02b57&pltfrm=Linux%20x86_64&cbust=1635041868195719
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:48 AM
json
gum.criteo.com/sid/ 		419 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakty.com.ua%2F&domain=fakty.com.ua&cw=1&pbt=1&lsw=1
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9de070417ee9ce3e7dbfafdeabee582c7c5891d26f4ddc837792e2bd2e4f389c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 24 Oct 2021 02:17:48 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fakty.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4447
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454178/hb_266844_811.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.234 , France, ASN16276 (OVH, FR),
Reverse DNS
p36.id5-sync.com
Software
/
Resource Hash
462e1ccc24fe81543ba245c2ef6a17bb883a026f3b012dac8e9211b3bd4a1783
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://fakty.com.ua/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://fakty.com.ua
Date
Sun, 24 Oct 2021 02:17:48 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffakty.com.ua%2F&domain=fakty.com.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://fakty.com.ua
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://fakty.com.ua
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1552
date
Sun, 24 Oct 2021 02:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
widget.81c6784b5877a281166d.js
c.bannerflow.net/scripts/ Frame 90EA 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/widget.81c6784b5877a281166d.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
iPO6K46q8/CbzZoIAMTVog==
age
7151862
cf-polished
origSize=19905
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d043c31-a01e-0044-4271-876719000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a2fb5fe4991f9ce-PRG
cf-bgj
minify
feed.72c1100847dd73ecbd0a.js
c.bannerflow.net/scripts/ Frame 90EA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
mCALpUEGzShtLdm5CRhzxA==
age
7408730
cf-polished
origSize=5343
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 12:49:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28f03ba1-f01e-0082-641b-85ac98000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a2fb5fe4993f9ce-PRG
cf-bgj
minify
document.e4e483d547.js
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/977856/1201197/ Frame 90EA 		102 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/published/977856/1201197/document.e4e483d547.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fab94395b66f99fdc9bba708bea730318702f8497ab1875639c784815f4106

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
5OSD1Ufdjip2ofm+p0oLdg==
age
51323
cf-polished
origSize=108225
x-ms-lease-status
unlocked
last-modified
Thu, 05 Aug 2021 07:24:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
494af8c5-501e-006f-7705-c8e7d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a2fb5fe4994f9ce-PRG
cf-bgj
minify
animated-creative.3e2f59a6b242873c0282.js
c.bannerflow.net/scripts/ Frame 90EA 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.3e2f59a6b242873c0282.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/610a763b724914584bfe5833?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3uwMcSr/fpqz/DEHIqBWYw==
age
7408730
cf-polished
origSize=133712
x-ms-lease-status
unlocked
last-modified
Thu, 29 Jul 2021 17:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
837205d7-401e-0011-771b-857792000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
6a2fb5fe4995f9ce-PRG
cf-bgj
minify
truncated
/ Frame 90EA 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/webp
60d0815c37670160b4539414.json
c.bannerflow.net/sfeeds/581701278d987c10bca61aed/ Frame 90EA 		15 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/sfeeds/581701278d987c10bca61aed/60d0815c37670160b4539414.json
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/feed.72c1100847dd73ecbd0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6422cc1b8d3ec7610b4d1babfbe5a65b96eb9a0aada81e844423cbe7c80d5d10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=15, stale-if-error=28800, stale-while-revalidate=28800
cf-ray
6a2fb5ff6a03f9ce-PRG
request-context
appId=cid-v1:75ea8019-1544-4ba8-a6db-e73bdcff9d5b
font
c.bannerflow.net/fs/api/v2/ Frame 90EA 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F7b49bac3-4e85-4c34-b3ea-72a1852603f7.woff&t=%20%24%2C%2F012356%40ABCDEHINORSUZkmnortux%C2%A3%E2%82%AC%E2%82%B9
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df35e3fd1bfa989bc9d40d5fbade2bfe0e7fb988075904e0466bf2f686e98cf

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:48 GMT
cf-cache-status
HIT
server
cloudflare
age
6581805
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=7b49bac3-4e85-4c34-b3ea-72a1852603f7-subset.woff
cf-ray
6a2fb600aa86f9ce-PRG
expires
Mon, 08 Aug 2022 22:01:03 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 90EA 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F8586c66f-7c84-4e0e-881c-e8dca530b008.woff&t=%20%26%27%2B.18%40ACEGKSTVacdeghijklmnoprstuvxy%7C%C3%A4%C3%A5%C3%BC%D8%A3%D8%A7%D8%A8%D8%AA%D8%AD%D8%B1%D8%B4%D8%B7%D9%82%D9%83%D9%84%D9%85%D9%88%E0%A4%82%E0%A4%94%E0%A4%97%E0%A4%A4%E0%A4%A8%E0%A4%AE%E0%A4%AF%E0%A4%B0%E0%A4%B2%E0%A4%B6%E0%A4%BE%E0%A4%BF%E0%A5%82%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34d57d392d7551efdc28d9b2a0f39e70b87c98a900697f99d8172b10a722c3d

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:48 GMT
cf-cache-status
HIT
server
cloudflare
age
4660122
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=8586c66f-7c84-4e0e-881c-e8dca530b008-subset.woff
cf-ray
6a2fb600aa87f9ce-PRG
expires
Wed, 31 Aug 2022 03:49:06 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 90EA 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F581700858d987c12245d04b2%2F42eeb52d-4ab8-44ad-9b90-6a5b55a7192c.woff&t=%20%27%40ACDEGIJKLNOPRSTYetx%C3%96%D8%A5%D8%B6%D9%85%D9%86%E0%A4%82%E0%A4%95%E0%A4%9C%E0%A4%9F%E0%A4%B0%E0%A4%B8%E0%A4%BF%E0%A5%87%E0%A5%8D
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f360d8445f981c17aebd6ae0f704bef60a817221aac324e8f54d7df4513bbbb5

Request headers

Referer
https://c.bannerflow.net/scripts/iframe?did=5dc013805badb900016a47c1&deeplink=on&a=610a763b724914584bfe5833&redirecturl=http%3A%2F%2Fservedby.flashtalking.com%2Fclick%2F1%2F152991%3B5601749%3B3529778%3B211%3B0%3Furl%3Dhttps%3A%2F%2Fsports.betway.de%2Fen%2Fsports%2F%3Fs%3Dbw213892%26a%3DDDR3259481681987463%26utm_medium%3Ddisplay%26utm_source%3DSportradar%26utm_campaign%3DFeed%26utm_content%3DAlwaysOn
Origin
https://c.bannerflow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:48 GMT
cf-cache-status
HIT
server
cloudflare
age
1667037
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=42eeb52d-4ab8-44ad-9b90-6a5b55a7192c-subset.woff
cf-ray
6a2fb600aa88f9ce-PRG
expires
Tue, 04 Oct 2022 19:13:51 GMT
optimize
c.bannerflow.net/io/api/image/ Frame C1D7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F20cab9ff-0a31-4bdd-aa36-158bf65b11e2.png&w=265&h=244&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4adc40b4647f46439e91c0d4e18b9d1eb31bb4ac508738f30c1d01c21a097709

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:49 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
54072
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a2fb6017ae0f9ce-PRG
content-length
6166
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame C1D7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F4c6de1ad-d601-48a5-9972-5021d9ef3580.png&w=174&h=46&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a66c5283ebe3ee7b19dba7652d6244393e0bc63f30d125e78f5afeff9c372a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:49 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
54072
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a2fb6017ae9f9ce-PRG
content-length
3256
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/ Frame C1D7 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/betway/581701278d987c10bca61aed/images/60247ad2-a231-4d4d-b281-7cee8fd1d189.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 24 Oct 2021 02:17:49 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7YVF1fdK2DQLVpofOPigCA==
age
4456
x-ms-lease-status
unlocked
last-modified
Wed, 02 Jun 2021 09:28:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f921f526-e01e-0008-16a0-8cf729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
cf-ray
6a2fb6017aeaf9ce-PRG
optimize
c.bannerflow.net/io/api/image/ Frame F77D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F66c5215e-3391-40f5-b752-172bd9c82d61.png&w=346&h=314&q=90&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0d76560b893b128b8c4ef913babdd68aa3325eba9542c2e5e46cb89c575cff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:49 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
51322
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a2fb601eb4af9ce-PRG
content-length
13070
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F77D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fbetway%2F581701278d987c10bca61aed%2Fimages%2F66c5215e-3391-40f5-b752-172bd9c82d61.png&w=346&h=314&q=90&f=webp&rt=contain
Requested by
Host:
URL: widget-83f6f8ff-ca1c-4b17-af0b-50db28ab32c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.12.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0d76560b893b128b8c4ef913babdd68aa3325eba9542c2e5e46cb89c575cff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 24 Oct 2021 02:17:49 GMT
cf-cache-status
HIT
api-supported-versions
2.0
age
51322
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
6a2fb6020b54f9ce-PRG
content-length
13070
server
cloudflare
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
event.png
tps10239.doubleverify.com/ Frame F40C 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10239.doubleverify.com/event.png?impid=3eda1001d175490eb1d0d92ea504d12e&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=58&vdur=327&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=7&msltms=11&vltms=327&sei=289&vetms=27&engms=1&engisel=1&ttfurm=2358&cbust=1635041869141899
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10278.doubleverify.com/ Frame 6755 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=32857f8112a549bc8c75c72d85a07f25&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&dvp_t1stMsgD=29&vdur=265&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=7&msltms=10&vltms=265&sei=290&vetms=29&engms=1&engisel=1&ttfurm=2298&cbust=1635041869144219
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10278.doubleverify.com/ Frame FCE7 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=71b847bb70974ee7b68a50dfc46f152a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=87&vdur=342&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=7&msltms=20&vltms=342&sei=289&vetms=31&engms=1&engisel=1&ttfurm=2392&cbust=1635041869145721
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:48 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10236.doubleverify.com/ Frame 9C13 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10236.doubleverify.com/event.png?impid=3ff9c2ad9beb4eecb2fe2923dc7a45d8&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&dvp_t1stMsgD=19&vdur=266&eoid=8&msrjs=1800&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=7&msltms=11&vltms=266&sei=290&vetms=21&engms=1&engisel=1&ttfurm=2291&cbust=1635041869147752
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10239.doubleverify.com/ Frame F40C 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10239.doubleverify.com/event.png?impid=3eda1001d175490eb1d0d92ea504d12e&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=8&isumms=7&isvelg=1&nvr=6&isgmmims=7&isgmv4mims=7&elmtp=6&isbxdms=2407&b0=100&b8=2603&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&vsos=7&dvp_vsosnmr=16&lftb=2703&sftb=2703&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=907&isuiabvms=907&engalms=7&dvp_dpr=1&dvp_valpct=2&cbust=1635041870140797
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10278.doubleverify.com/ Frame 6755 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=32857f8112a549bc8c75c72d85a07f25&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=8&isumms=8&isvelg=1&nvr=2&elmtp=3&isbxdms=2308&b0=2570&adhgt=50&adwdth=320&norwdth=320&norhgt=50&engisel=1&dvp_vsosnmr=1&lftb=2570&sftb=2570&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=50&cwdth=320&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=8&dvp_dpr=1&cbust=1635041870143585
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10278.doubleverify.com/ Frame FCE7 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=71b847bb70974ee7b68a50dfc46f152a&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=10&ismms=27&isumms=27&isvelg=1&nvr=2&isgmmims=27&isgmv4mims=27&elmtp=6&isbxdms=2427&b0=2658&adhgt=50&adwdth=320&norwdth=320&norhgt=50&engisel=1&dvp_vsosnmr=1&lftb=2658&sftb=2658&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=50&cwdth=320&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=26&dvp_dpr=1&cbust=1635041870145218
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:49 AM
event.png
tps10236.doubleverify.com/ Frame 9C13 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10236.doubleverify.com/event.png?impid=3ff9c2ad9beb4eecb2fe2923dc7a45d8&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=7&isumms=6&isvelg=1&nvr=6&elmtp=3&isbxdms=2306&b0=100&b8=2500&adhgt=600&adwdth=300&norwdth=300&norhgt=600&engisel=1&vsos=7&dvp_vsosnmr=16&lftb=2600&sftb=2600&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=915&isuiabvms=915&engalms=6&dvp_dpr=1&dvp_valpct=2&cbust=1635041870146387
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:49 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:50 AM
bsevent.gif
tps20511.doubleverify.com/ Frame 50D1 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20511.doubleverify.com/bsevent.gif?impid=9fed8a8218b14218b252cb2788b02b57&mascid=kv4lpm7n9qhtpa06djhirg06ryn2sxg9&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=650&cbust=1635041871163792
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:51 AM
bsevent.gif
tps20522.doubleverify.com/ Frame EFE7 		807 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps20522.doubleverify.com/bsevent.gif?impid=6c9203c85a7a4019a72eb5ea4467585e&mascid=kv4lpm8mk3t4wob5azcswnt6q63qrg0s&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=614&cbust=1635041871198960
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal99.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.11 , Ireland, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
/
Resource Hash
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
860
Expires
10/23/2021 2:17:51 AM
event.png
tps10239.doubleverify.com/ Frame F40C 		67 B
492 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10239.doubleverify.com/event.png?impid=3eda1001d175490eb1d0d92ea504d12e&gdpr=&gdpr_consent=&mascid=kv4lpm7n9qhtpa06djhirg06ryn2sxg9&dvp_masver=1800&eoid=11&cbust=1635041872243867
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 /
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:52 AM
event.png
tps10278.doubleverify.com/ Frame 6755 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=32857f8112a549bc8c75c72d85a07f25&gdpr=&gdpr_consent=&mascid=kv4lpmqo90xen03pzhjpn2v5bzsx0udw&dvp_masver=1800&eoid=11&cbust=1635041872245613
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:52 AM
event.png
tps10278.doubleverify.com/ Frame FCE7 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10278.doubleverify.com/event.png?impid=71b847bb70974ee7b68a50dfc46f152a&gdpr=&gdpr_consent=&mascid=kv4lpm8mk3t4wob5azcswnt6q63qrg0s&dvp_masver=1800&eoid=11&cbust=1635041872246267
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:52 AM
event.png
tps10236.doubleverify.com/ Frame 9C13 		67 B
515 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tps10236.doubleverify.com/event.png?impid=3ff9c2ad9beb4eecb2fe2923dc7a45d8&gdpr=&gdpr_consent=&mascid=kv4lpmqy2wk40s0xw4h57xl0bdrkz3hh&dvp_masver=1800&eoid=11&cbust=1635041872247950
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1800.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.154.111.150 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
nycp-hlb33.doubleverify.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:51 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Content-Length
98
Expires
10/23/2021 2:17:52 AM
pixel.gif
px.moatads.com/ Frame 7310 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=512899041&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Doz9O0QsCUp3NAjXwwClNhIVsVBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-prb1JxNzs6uFgA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ffakty.com.ua&id=0&ii=2&f=1&j=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&lp=https%3A%2F%2Ffakty.com.ua&t=1635041867197&de=273114503311&cu=1635041867197&m=5722&ar=fb6a7277fce-clean&iw=665a3d2&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A846%3A195&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5067&cd=108&ah=5067&am=108&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601749%3A3529778&bo=fakty.com.ua&bd=fakty.com.ua&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1350160472&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Oct 2021 02:17:52 GMT
/
tt.onthe.io/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=42093:time[url:%2F,device:desktop,user_id:3d9660d91.124e71932_1635041864650,cdn_version:24]&s=49834b49912a3e9ce336c729aff3d229&1635041874670
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/VQQFD6QvyvUn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fakty.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Oct 2021 02:17:54 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
dc_oe=ChMIjM71zP3h8wIVkuy7CB0D0APtEAAYACDhqf0uQhMI4Z3OzP3h8wIVjk3gCh3ylAh0;met=1;&timestamp=1635041876360;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D95C 		42 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjM71zP3h8wIVkuy7CB0D0APtEAAYACDhqf0uQhMI4Z3OzP3h8wIVjk3gCh3ylAh0;met=1;&timestamp=1635041876360;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 7310 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=BETWAY_GLOBAL_FT_DISPLAY1&ol=512899041&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BZ.jrG%3DzIR*E%24sRK%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Doz9O0QsCUp3NAjXwwClNhIVsVBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-prb1JxNzs6uFgA%3D%3D&sc=1&os=1-Jg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Ffakty.com.ua&id=0&ii=2&f=1&j=https%3A%2F%2Fee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com&lp=https%3A%2F%2Ffakty.com.ua&t=1635041867197&de=273114503311&cu=1635041867197&m=10733&ar=fb6a7277fce-clean&iw=665a3d2&cb=0&ym=0&ll=2&lm=3&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A846%3A195&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10079&cd=5067&ah=10079&am=5067&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=152991%3A17602%3A5601749%3A3529778&bo=fakty.com.ua&bd=fakty.com.ua&gw=betwayglobalftdisplay906661272790&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMMStrategy=-&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=194999&na=1302468376&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu.sportradarserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Oct 2021 02:17:57 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sun, 24 Oct 2021 02:17:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPRnnwVCpNXvuMnw9uOfL4M&google_cver=1&google_push=AYg5qPJF9hPs-3ok9G4W_yxLaKfMKgOradaffqUQMj6o6OfoXDvTUue-mVJCjJHHRadwWlTL81fSQSiiitR3S4FdHiQnvND3y_aLXg
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPRnnwVCpNXvuMnw9uOfL4M&google_cver=1&google_push=AYg5qPLw-X82dJluRk30N7hPEPsyWM3AIFzNHv-mF4DJfO8Bc66OxYsMQwwhTMZ6JIvfqpHp6T1wVkcW2SOXmM66O5sHHDDp1Z0tQQ

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings object| twemoji object| wp object| googletag object| vmpbjs object| vpb object| slot_background object| slot_premium_1 object| slot_premium_2 object| slot_premium_3 undefined| slot_top object| slot_footer undefined| slot_m_premium_1 undefined| slot_m_premium_2 undefined| slot_content undefined| slot_catfish undefined| slot_popup undefined| slot_lenta undefined| mobile_content_roll undefined| slot_gorizont object| slot_interstitials object| _io_config object| dataLayer string| pp_gemius_identifier boolean| pp_gemius_disable_gsync function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| __io object| ggeac object| google_js_reporting_queue object| google_tag_manager function| vmpbjsChunk object| _pbjsGlobals object| ADAGIO object| google_tag_data string| GoogleAnalyticsObject function| ga object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| script_helper object| Push_Error_Telegram object| PianoESPConfig object| ATPNs boolean| noBlock number| demwaitjquery function| democracyInit string| _io_uniques_holing_params function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| google_reactive_ads_global_state boolean| $marketing_popup object| gaplugins object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| onYouTubeIframeAPIReady object| Criteo object| gemius_gsconf undefined| $ function| jQuery object| PianoESP object| gaData object| sas object| apntag object| _ADAGIO function| gaPianoESP object| StateMachine function| iFrameResize object| GoogleGcLKhOms object| google_image_requests object| ONFOCUS object| ampInaboxIframes object| ampInaboxPendingMessages object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113

92 Cookies

Domain/Path Name / Value
fakty.com.ua/ Name: __cflb
Value: 02DiuJTyK5AAezcuXwuJJ5uNpNjb6uULzVszdSMBWftiG
.fakty.com.ua/ Name: __io_d
Value: 1_3813806733
fakty.com.ua/ Name: __io_lv
Value: 1635041864650
fakty.com.ua/ Name: __io
Value: 3d9660d91.124e71932_1635041864650
.fakty.com.ua/ Name: __io_session_id
Value: a02d811fe.f742d88a4_1635041864652
.fakty.com.ua/ Name: __io_nav_state42093
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22fakty.com.ua%22%2C%22previousDomain%22%3A%22%22%7D
fakty.com.ua/ Name: __io_unique_42093
Value: 24
fakty.com.ua/ Name: __io_uh
Value: 1
fakty.com.ua/ Name: __io_visit_42093
Value: 1
.tt.onthe.io/ Name: io_uidd51792b4d5f7e5523e2fa6df873e8051
Value: 24
.tt.onthe.io/ Name: io_user_hash
Value: 3d9660d91.124e71932_1635041864650
.adtelligent.com/ Name: vmuid
Value: 88ccb92d6f15dcb4
.fakty.com.ua/ Name: _ga_57RZ078QNH
Value: GS1.1.1635041864.1.0.1635041864.60
.piano.io/ Name: __cf_bm
Value: dgvonkt18yi2lz7hR2bJiVEbgpS4nn.7MnqOKsGB4jQ-1635041864-0-AU8wMvHimCFez84QyPtyM7K3Yg0eu8wmmy9755O+dTEyT++WYSLJNxa8XjReikMQLq27976eWor7WNoL5+1HjuM=
fakty.com.ua/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
fakty.com.ua/ Name: _pubcid
Value: 7ac91499-c646-473b-a46d-4b5bd8dfe319
.fakty.com.ua/ Name: __gfp_64b
Value: ekG66y9CCcdhcJgqrbpre9l2lLdQ5LyFQxmX4b7u5IP.k7|1635041864
.360yield.com/ Name: tuuid_lu
Value: 1635041865
.fakty.com.ua/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.fakty.com.ua/ Name: _ga
Value: GA1.3.437685793.1635041865
.fakty.com.ua/ Name: _gid
Value: GA1.3.2121756954.1635041865
.fakty.com.ua/ Name: _dc_gtm_UA-126238864-1
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlGkZMGGQMGGj2AsURFmYMcissGMXP8c25nSGu7AS81ng11isG..
.fakty.com.ua/ Name: _gat_UA-126238864-1
Value: 1
.openx.net/ Name: i
Value: 7ac91499-c646-473b-a46d-4b5bd8dfe319|1635041865
.360yield.com/ Name: tuuid
Value: 8c8c2100-28eb-471c-bb71-5216a39686ee
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: e59af2ad-be1e-5129-bace-2100dbbae349
.betweendigital.com/ Name: ut
Value: YXTCSQABDYg87b6twBQHuQe74UOor_Yiom3tRQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwnwYaQOmrhRqqbYb+IjI/LQRqus1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG6qEKdWU6r+VKDRWVv/VO/a+hEPPQ==
.hit.gemius.pl/ Name: Gdyn
Value: KlQ3sRGGQMGGj2AsURFmYMcissGMXP8c25nSGu7AS81ng1MiGsRPIQlGvGGpqFD8SsGT8SpGDlnaxFLWXRSG
.rubiconproject.com/ Name: khaos
Value: KV4LPLD9-H-EIEK
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqaPbiaFq+i3eNNf2K+8zQ/D0B7s2Zu2vUbxIbBwKaECAIv3JWV5HEU/rqSXTf1EY/9Kel6TaCVbbKpUjWTmmg0
.fakty.com.ua/ Name: __gads
Value: ID=f18326d55df2a747:T=1635041864:S=ALNI_MaDRCUTW7bZTdmmwJosVWO5iZK-cg
fakty.com.ua/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1635041865156%2C%22visitNumber%22%3A1%7D
fakty.com.ua/ Name: pnespsdk_visitor
Value: 6b7khhp80on5g10e
.fakty.com.ua/ Name: _gat
Value: 1
.adnxs.com/ Name: icu
Value: ChgI4axaEAoYASABKAEwyYTTiwY4AUABSAEQyYTTiwYYAA..
.adnxs.com/ Name: uuid2
Value: 5304773624631642469
.adtelligent.com/ Name: a319130
Value: b781b695-60ef-40d2-b56d-d361b9dfc264
.doubleclick.net/ Name: IDE
Value: AHWqTUmt5QsSbQPZEpCCxh8L70iT-N-9ONCzG4m7zOan266Qvwy6S0xYSitlvCDq5uE
.casalemedia.com/ Name: CMPS
Value: 5231
.casalemedia.com/ Name: CMID
Value: YXTCSlDhKJoRMEtkWzkrlgAA
fakty.com.ua/ Name: hbmp_cap_h
Value: eyJhZGFnaW9fbWtwIjoxfQ==
fakty.com.ua/ Name: hbmp_cap_d
Value: eyJhZGFnaW9fbWtwIjoxfQ==
.casalemedia.com/ Name: CMPRO
Value: 1114
.casalemedia.com/ Name: CMST
Value: YXTCSmF0wkoA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%5J7p]Z!@wnfH8K6pQK`!5=E<*L5?%M/f^mXukz>IGm+xAI7SP(i7#[B2??gIxodhxdP(hw9P-HC_#u#6P)a@@g
.casalemedia.com/ Name: CMRUM3
Value: 2d6174c24a2760CAESEJgUsDnULdNGLj6bjPqlJ9U
.agkn.com/ Name: u
Value: C|0EAApB37KKQd-ygAAAAAAAQAHAAAAAAF3ZGD__x4AAAAAAD79HwAAAAARfT5MAAAAAAidkV8AAAAAHQI99wA
.agkn.com/ Name: ab
Value: 0001%3AoBvQCw8k65oRGylXoSuvQBU0wcrPIzuK
.mathtag.com/ Name: uuid
Value: ef376174-c249-4200-a5e5-b63a4bf7a17b
.mathtag.com/ Name: mt_mop
Value: 4:1635041865
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22014824C2-84B9-4688-A57A-BB4947FDCB66%22%7D
.bidswitch.net/ Name: tuuid
Value: a0f4b49e-dfc8-425f-8703-ddb73350e265
.bidswitch.net/ Name: c
Value: 1635041866
.bidswitch.net/ Name: tuuid_lu
Value: 1635041866
.de17a.com/ Name: guid2
Value: 1.3998388952061943831
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119599_98522337_-0&ref=25124645_4307561_291119599_98522337_-0
.sportradarserving.com/ Name: zuuid
Value: 58a8e0ca-af7d-4a65-8ec1-df7b59093f72
.sportradarserving.com/ Name: c
Value: 1635041866
.sportradarserving.com/ Name: zuuid_lu
Value: 1635041866
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1635041866
.sportradarserving.com/ Name: pvc2
Value: EXM1QZypIK5fUyzplkpaJZ0FWet9HHQJpQ9-gODbRsd0vteNmzNKoeTHmXUxrd4JMzDO4bU6Bg-S6TL6TM4KmLufD5YLh6xTCZ-fDIWq5Z0tF39d4Jmw9C0JOyi_nKIKeoz9PIHTFRy-y9GY1M3i4yG4fInohXgeOkHb69969Ok0DPlvi9DaLMVakn2qM57E5zzGhBwFSEWvSU8uqV0xljeNQaswM08ZE-u0sJFa_j7jry-MGrbpX3C_4Z0jfjCD78qouS36cD83aRThbE2tdaN0Vv3J0Q82aYa5ckVyluAju74wuwMkUyHF3olVF0iOPuKraqSoV7FjqmnpgIKB2do2oafObVawdAmAtQq5_dC3qN5MDmIl9fzBDBxmXjlhEAI5S_TI_TH-eJ57447IVrfXzm8R4hCzHOGVVhoKG06rziAl6mQ_1QMnVb08qCXABJ1Ojtx9DOCppO49ORyDSepUdu01UGyq03kG4XjWI4xt1r6PhKWbvZqiZ4Ypw2JosRBBsjbVx-BPam95RZL2AYN8tGuQX23fjWn2HoJhYgqG6bJm7F3DwmmTfTB8oXGqYdZWM8CoqrrLK9bjfJ2DhZT0dBt3VFvj4DM7_sr5ndvYDJntLK8-W5JWWdgAMo2g9aTAa3F7T-WitR1NeWItggLGqG2UXZ1iqNz6lr9dLQWzu1g8RvaiaW4ptbzTXV1LEK2YQbME0nl-T071Ae0bvTEXL1O52DyUNywgoHrAsD0waDPz-mobOxF5MDZIijAALowrwk4Hh5TkOR-5PTa4D7rTYnbZUIoAlti5lbATrqlX-zxOjTvE2OSz7d7iJtXob8dGEJI4c6iRPIrW2dM_XLjPKInLwlztx9jzywHQjbvGOudq9FyA4-h8VHwVRZYw_VTfxFDd-E0cKMyMTf1nrvtUV0MrMa0LyYM13dXU7JjdS_TQJJkP0rObvq6gST0Xv8tyKUdGmaLcmZ4mLjSs8Ajq28Qr4wtntu2lyrNns8JlefVnIHPoHmwRWhrfBLmlYeaWwgCaLoJDOdGJ_TKyMvupJdMM3lSJOD9vZ0B61o3w_M-MN81g2crKKWy-JHtoKBxOxibKAgSQ5fOwesFJIOrW9mj2bjByZiDlNIEm4SKzUzEFZpZICfGD6iNl7R86-mDU89vx-R-osmQfn4v9qGZjuLERZhUQmm2pwZsR8PIbLP8HlAl6WsoN655-Swy4Yo95Gex-XLAUcFTrvtEwFIBCsERUUdLWHFJS,pEAUKGC6nhT7wCnM4wpMfQ,zA8WDZWNRnPdVLLZEmFBeA,MNjmGSind2a1B1A5UtXktg,zA8WDZWNRnPdVLLZEmFBeA,kvHnb6J8Cc4FRKr7knZHXg,zA8WDZWNRnPdVLLZEmFBeA,U6jq-n_6rENBinJDVjKfvw,zA8WDZWNRnPdVLLZEmFBeA,WPmWukykxPIP5dHUIZplhg,zA8WDZWNRnPdVLLZEmFBeA,iRFxMMc6WnFCJdw8MWRx4Q,zA8WDZWNRnPdVLLZEmFBeA,GC2YtHodDZYicqOLK8mnyQ,zA8WDZWNRnPdVLLZEmFBeA,ojE4Xe9--p0e6jWuZ3FXug,zA8WDZWNRnPdVLLZEmFBeA
.fakty.com.ua/ Name: _gcl_au
Value: 1.1.1067915057.1635041867
.lijit.com/ Name: ljt_reader
Value: 78a57c49479095fe504ac53e
.quantserve.com/ Name: d
Value: EHsBCQHHJIEA
.quantserve.com/ Name: mc
Value: 6174c24a-d49d6-e545f-1bf62
.turn.com/ Name: uid
Value: 4399651286953478445
.adform.net/ Name: C
Value: 1
.3lift.com/ Name: tluid
Value: 16128027447782228440
.advertising.com/ Name: APID
Value: UP9433b180-3470-11ec-92ef-063c950cd156
.adform.net/ Name: uid
Value: 6484653540752581524
.sitescout.com/ Name: ssi
Value: 08045dfe-3c00-4c26-b2a6-b653ffa08750#1635041866927
.feedad.com/ Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u
Value: 58a8e0ca-af7d-4a65-8ec1-df7b59093f72
.sitescout.com/ Name: _ssuma
Value: e30
.yahoo.com/ Name: A3
Value: d=AQABBEvCdGECEOSeXgrwVybFh3eDmI_OU2MFEgEBAQETdmF-YQAAAAAA_eMAAA&S=AQAAAuLg1wp1HPhH8hi8IlB-Rjs
.bidr.io/ Name: bito
Value: AAB5ek7C6YUAAA2ayPnA6Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~214q
.yahoo.com/ Name: APID
Value: UP9433b180-3470-11ec-92ef-063c950cd156
.yahoo.com/ Name: APIDTS
Value: 1635041867
.criteo.com/ Name: uid
Value: 875bb6fe-2ab0-43e1-8a36-0b93a8d9cdcd
pool.admedo.com/ Name: tuuid
Value: 590374f9-b6f8-48ec-a2ca-e6cef7a052e2
pool.admedo.com/ Name: c
Value: 1635041867
pool.admedo.com/ Name: tuuid_lu
Value: 1635041867
.fakty.com.ua/ Name: cto_bundle
Value: JdCsRl80QkdwcFNGViUyQkpqTlIlMkI4NW8wcVd1a2ptJTJCT2g2SFZ2NXU2bGowJTJGbCUyQlN3eHl3N0xvUG5EdVQlMkJ6OVhkU3JNWmh2dlpkaklqc284QkQ3TWJDMzJ3Vkp6WkxMRVVBemV0JTJGVFIzJTJCSkx5Q3kxNXBIWjFqM2dncDh4c1pMdXZEY0hmYlYyMGlTdTRrcnB6b2g3N0NRbEs5YVlnJTNEJTNE
fakty.com.ua/ Name: cto_bundle
Value: 8exYXF9OcFZ1U1ZRakJ6dnptTVhPaCUyRmllJTJCRUI2dGQlMkZETXNkZnI2VXc5ME5xTndYWkE2UzJTUm1YUkhwNEQ0YkU5N2ozSHVkMXdDclVFejJTVFU4ejglMkJ4REJZUDUlMkZhYnFYY1ByN2dydFpYUDZMR1RyM21kJTJCbnglMkZ1dmJRRFIlMkY0TjhDdlNiUHZqajd2SnpBamphck1vNFJNUjR3JTNEJTNE
fakty.com.ua/ Name: cto_bidid
Value: T4Q9-F9SRmpjamlydVpFZjd2V3lyUXJZWHd0UnNaY25jaThhYnJxUm80eFN2ZCUyRnBFTXpDaVl6ekNDdGVtcDFUJTJGY2JlN0dRVmVuWDZOSkcyUXM4SU0yN0RWeDRKVUZraklMV1lTcTVIV0FBVDZBQTAlM0Q

6 Console Messages

Source Level URL
Text
other error URL: https://fakty.com.ua/ua/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://rumcdn.geoedge.be/e7e53b81-adf0-4ad4-97e3-d9b2b97276a/grumi.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEBgCNvnUf8ldDhQ6Cwdax80&google_cver=1&google_push=AYg5qPJF7Aa1D9b2l-xi1mnaMG0o34LSHFFnmKKa1vtA0oXHURpf_Rr44DhTwbRV7g-uad1lVDmaMgSMqGEfs0CYNvrma5HJDo3s
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 578)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://js.ad-score.com/score.min.js?pid=1000791&tt=g(Line 155)
Message:
Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
javascript warning URL: https://z.moatads.com/betwayglobalftdisplay906661272790/moatad.js(Line 131)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6517501.fls.doubleclick.net
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adtelligent-d.openx.net
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
analytics.google.com
ap.lijit.com
api-esp-eu.piano.io
api.feedad.com
aws-fr.bidswitch.net
bidder.criteo.com
c.4dex.io
c.bannerflow.net
c1.adform.net
cdn.doubleverify.com
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.onthe.io
cdn3.doubleverify.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
d.adtelligent.com
d.agkn.com
d5p.de17a.com
data.ad-score.com
dm.hybrid.ai
dmx.districtm.io
dsum-sec.casalemedia.com
eb2.3lift.com
ee71aadd238a652334f8dde75fa7f15b.safeframe.googlesyndication.com
eu.sportradarserving.com
fakty.com.ua
fastlane.rubiconproject.com
files.adtelligent.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
js.ad-score.com
ls.hit.gemius.pl
mp.4dex.io
pagead2.googlesyndication.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
pool.admedo.com
portal.o2online.de
prebid-eu.creativecdn.com
prebid.a-mo.net
px.moatads.com
r.turn.com
rtb.adxpremium.services
rtb0.doubleverify.com
rumcdn.geoedge.be
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
secure.flashtalking.com
securepubads.g.doubleclick.net
segment.prod.bidr.io
servedby.flashtalking.com
static.criteo.net
stats.g.doubleclick.net
sync.adaptv.advertising.com
sync.adtelligent.com
sync.mathtag.com
t.trafmag.com
tags.feedad.com
tpc.googlesyndication.com
tps.doubleverify.com
tps10236.doubleverify.com
tps10239.doubleverify.com
tps10278.doubleverify.com
tps20511.doubleverify.com
tps20522.doubleverify.com
tracker.growthbuddy.app
tt.onthe.io
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.moatads.com
google2waycm.netmng.com
104.16.12.64
104.16.190.66
104.16.240.21
104.16.87.20
104.18.2.114
104.21.52.113
104.26.2.172
104.26.8.169
108.128.194.236
130.211.115.4
135.125.163.79
142.250.184.194
142.250.184.198
142.250.185.142
142.250.185.162
142.250.185.170
142.250.185.174
142.250.185.72
142.250.185.98
142.250.186.100
142.250.186.110
142.250.186.130
142.250.186.142
142.250.186.34
142.250.186.97
142.250.186.99
142.93.100.57
143.204.98.105
143.204.98.94
143.204.98.98
146.59.10.80
146.59.30.96
147.75.38.124
162.55.6.212
172.217.18.98
172.217.23.97
172.217.23.98
178.250.0.130
178.250.2.131
178.250.2.146
18.156.0.31
18.184.95.242
18.192.155.173
18.197.46.208
185.184.8.65
185.239.173.210
185.239.173.66
185.239.174.10
185.29.132.245
185.33.220.100
185.64.189.112
188.40.114.52
188.42.29.196
193.200.65.5
2.18.232.109
2.18.232.99
2.18.234.21
2.18.235.40
204.154.111.150
209.197.3.19
213.155.156.185
213.174.135.1
213.19.162.61
213.254.244.11
216.239.34.21
216.239.38.21
216.58.212.166
23.37.38.181
3.120.169.248
3.123.176.85
34.95.81.22
35.190.0.66
35.210.53.219
35.244.159.8
37.157.2.234
37.18.16.16
46.228.164.11
46.249.52.249
50.116.194.21
51.195.5.234
52.211.123.64
52.57.243.4
52.73.9.252
54.175.30.20
62.149.0.72
66.155.71.25
69.173.144.138
72.251.249.13
72.251.249.9
74.125.140.154
76.223.111.18
82.113.101.132
91.228.74.189
0087c22fe48679e78168ae8dcf25ee2dc52102fbdb9f0fb55ac1ed2441c1318b
01ef079c94a840d6e100bd22232ded59896fb886466cce136fe70dac22218e56
02d2574ce573a66166f56e18dafee9db53ceade8d4400d0c1bb5b74d618f15d4
049421476187ff482e9322db3224d5b541f5f718a9c416cf0a83f5d7c347081f
062c86af8daafa3c708af8528e02d3c7f7365868e92ff936aeefc42e0bbf91a9
070d23a2dbc1b53de9924a017b3c6f77eb480dd6fd92a02abb288bbcac1f6e7e
071ae33974e54b0b7586b5ecc94a40ab118f7df9a387f351231095b51aafe93e
096fa4d45463023260fe61bceffa036948e6ebba3977796f8839cc7c2b832119
09a1035ead5512982d8e543a9f0ca11d44a49f301e105236bd0f32cf6da3e120
09a35cd1e34c4e0b0e9107b33b73372270204938985cdd6b8ec40a64a22a8f77
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
115d3d222e948b73289c8180d4c821ae08feed8d7c3c62d7abff966e1f890bbb
11dd5b4a7a0d93c9a1611f1477670754410a8301ff16ca4c7ce0c6931062d739
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137eab86e81c1a847b267ccf9cc5d494b5509ac2b7280a37fad2c2344d6ed4e9
13e384a6942116c7a801b79705c199a05bf9b2bd3cae60eb5c8381fe3d5f9952
15505fd37a57356cd3421681a750d66ed36cabb9f91f269b43bc4b9ba7af456d
158edd2a7562d2b16eadda8fb990eb8d20e53837dd1abdfd2c890fcc0980ede0
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
175b36257911c358180606dd88c49ec593dcf1e338b02e4bcc7447324c462287
1a0b7aaa441fa78839d8fe68fb43c5d2e83d1bcafc2b212f7fbc93ad69206ae4
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1b8670df66d3b6f56eaa065c5b0c6a6feb3de324603390466e578b952f9694c5
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22ddfc3f368ffb43a89bed39032959829662fec2a5896ded7ee2a49e66b6b287
24fb2979cfc748bb773811ebee27a58179c6545ca5d8dc0c910012aa6b2dd4af
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2671e84a984e4f8571956d3bc91223b89d005988fe7032ce074b6e9d5f7191d7
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2b5904a7e5230fbe1aa1b0e41f533d6f370377bfdb413bbbd903084d20446d43
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
2c7cca61a27e34b923a685d1b6f4ebef8aa335dc818810ead3b06241c55019dc
2cb1bc5422b1cedef4c3e85ee5fd579d2158aa4e7d80408a71478a1bde500495
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
32984b7f223018118636c9e716d5bf8dda69321efbd8f7fe82a5d3b71e018659
334b0a97ec6bd9277f5e2e9ccee5c95026a43510900d2b3b3ac8d448c8bdf903
35587e58d0250f998de657484b0d62897ffbd79180a540b28b4cf55f8952b384
366c4f5bbac08ff7b48f42657b407bb0f8e69a59d4583eaad69d499fb76f2e9e
37a1b3c43465df241f9064360000fe9ef4d1f9541e1e669f021fcfc21a910731
37e08d9b65a63560af55ec12fbaa42b45edcb394ef34728e8d7a120410ca49f5
3b52c9db89bb8a1b78a56df8f5eba21c9bea0c014413438838e633d096e7cdf6
3c2c5e8ce71da5f920b37260c35faad806880a17d60b6b93e35e1200763a6733
3d414a1ce754144604835daa39953420e2b4e3505c15d04421987c9150c4b1b7
3da74baac32c7503f8a14a42065a7668189032e3bc71bc508e75174b2f5d603d
3eb5ce0d0ae9e1342a8ce4e0b58b90c6ad1ffd4b0d7a30861da9b8b360cd3913
407837d8c439977d467f0868cc7be102ffbe3e0d354b3375cbf5d60804d98fd7
426bbbd7be9ea9e6abd9ee63173b0d50fcfde33a491734fd3f1e4af997e28f39
42977b3f1bf3b11d34a40c50c095d65b3ba8631ef4ebb37b950ccd9c401d2181
43aa2768d2495c513fb28d9158d9c5ab43bc76ebcf6fbb632ffa0db5d44d52e7
44128c1c8b4398c91e545606ab7357d657e89abb6619493f361d5e5e7d12bc4f
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
45c53129e26a81aafcc2c745c314f0ab43431110abe73bb583a1023d9c7d97ee
462e1ccc24fe81543ba245c2ef6a17bb883a026f3b012dac8e9211b3bd4a1783
47259a5cc6573ccaa3b8de3661b0d208d3b97f84df65181d1d7315059ff2dcc8
48612cad75fed1f907a2bccdb83d59143fb4cdcc0573ab9cb13794ee75ed3b1b
4898403140fccda174c42f511d9516f5fc0188ce265c6f5da6cdb21d8fd81885
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a9957b32061f7444e7f79aa46c9ea6340a24ee75a2e1394b711243342a3a341
4adc40b4647f46439e91c0d4e18b9d1eb31bb4ac508738f30c1d01c21a097709
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c46f3db0c3a352c7797dc4e327b8a4270f60923d01ee6fc1871316eaff82182
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
523cc2e07734af5280fd9977203a3dbec5c2f1c128fe3ca9a1dbf93c09010d2a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5605fccff2c5ff900748d0cc33f71e5c26f94073c4a3bb1bf0e3f93a91341054
5bb92cfa6dbeebbd412572b08ebab09a486d7edf8fae9b0caa3ee508663a715a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cc4622c9470f0c03160dd59420edaca77a3a1f6b9cbb0248fb70e140d2b4e7a
5dd139490465c0d5b42eb905451078a5ee84b5c220d6af5b143af49247a8ecf5
5df35e3fd1bfa989bc9d40d5fbade2bfe0e7fb988075904e0466bf2f686e98cf
5e78db37bf41f76bc3b79ef0041f62dd0c6204d2911c13342ef1daed7583b6be
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
605e87af7a2de7c026d0ddbab42bcfc856e3602a7e92b6455c4aeaa2646e1a9b
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
626705ba798b4ae6d7d952af7fd1152d31e199831419725a06f7cec28bd9bcc6
633b99fd31ca80b5705ab32d98c56000214e526e46a2b9c8ce1137518507b97b
63cc53f922756833d0ef84cd106362b7039e6fc5dcdb93cd9d885d74ee254157
6422cc1b8d3ec7610b4d1babfbe5a65b96eb9a0aada81e844423cbe7c80d5d10
6592128fb1c654121b5bca15d785ca90abe55fee17213a7e30a157576045161d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67aa91bbd25022bf061faeb2b19c3329319d4507d0e194cfdac422834326ba0b
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b94a938052d44e3567da9deb8373178db02476071be416ca6ff6c9ad116a739
6d1e5e2ff7dbcea59a65aab6732de54e489ae0ca8c9e1bf1c930aaa4d2fe4953
6e2141eb0bb1516ca29f17d5e3876bafa9290fcabd9ecd78fd37e6f3e30cf640
73ddc6b2168fc4206d6bde693e44fe3ec45725ccfacae6ca5c32f657b0cd988d
75b9cdabe4245c4f4ef40ac02ffea9efcdda2ffd1c57cf5c5417586ae2b443db
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7a66c5283ebe3ee7b19dba7652d6244393e0bc63f30d125e78f5afeff9c372a5
7e7da1cc7366a4d8c2699b70b3ea90c7f411a3d1397cc6b3694032ccee240417
81d4698216e4a5e9a5a74a64165808711894ff3f959368a725b007a75ae3164f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b6cb290031b78436822ddc6d3b7b992fbc891f84cb5b9b80ef8ed88fc79973
85d66463d4ed9c67e5bef34b2c3f376e6f1bc8a139d5ba0c1dc28380d58efc45
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
87bdcffbd289226bb4f47d403ed04d13a622f9b78381ee7dfcff9860c5d96c82
88dfabf2b422562f5dcf638853e845fbd93986987801f306ebc77b5b3039a43d
894c264313b9111a1f100d79b9e92ec8c253a0942508d14eedcada6bb192c24a
89b61f2b45421e297191f5ad8b81f24734f48f4567f18ea803932377dc79e880
89fa0f3ce9b79297603de187422940e9ed29e91470889c598ad8c91e83d25d4b
8a846ba3e7530759c31b4c592a64289dcb316ac08356c642351ff5260aab980f
8e4d457f1a450b38779b8e2e0f6609e61187e82a59d12b37e059da129b2e9a11
925d8e4829911802e13411398ed6334e03ca9924f4158b3fee50f22ada2435a9
9384dd9fc80d461454b510f8ac38dc78c212ed3330958e2d52ab07bb6c327a70
93c01253619df4239803acb12fac8222cbae300a3ea448824f71ed6ffa2153cc
940abe56741c1ecbbb678058b3eec65c46a1af7eb521d60ab4f442f667f770a4
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
943a3f4e9fd8c30a6934f50ac24d6d0f69b5e8abee523e7e289007e8cbb04617
966c00c1dec441732004958b74ba7598ca43cf0756942de041bee9ad4e32a243
9887fe8b9ac67af8b71caa06db396f1f1caae9c6f98232e2086706845049ca92
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99ab91c2e92f52e90acd1a21ca8650a69366a9fc138ff993e0e7dc60379428ac
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c3a161446058805a30cfb13f01db1ea804e2ab2fe686fe210a8dd288f172b33
9de070417ee9ce3e7dbfafdeabee582c7c5891d26f4ddc837792e2bd2e4f389c
9ed678762f29adc6d5ba32e6b5531c5d7dca977d265c60c80fa754eadebb1106
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9f3dc4f48a7a0029c81d6a46c1076c5024244da17edc506aef3e4c253398f06b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fa972f5c0bd604a872f2e743efd5b7a0b4572f992db1f36fcb66ee91f674d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d68aa42ed93e16665a654e7ab074be67b6def905410670feafef51ac31b771
a2a4949a825ceaed406ce169a352e2094693d08af30a1c70d0831f6ddd234144
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8cec3103446c6f06e3d6085d196e626357a40bd3df47ef7cbb20c158d71b940
aa0dd773a849e0fc56e929a2a62fb8803a6f1d8188cdc120dc5a31577545c239
ae66afab10a5bc2275f2a4539d9d18a8e6be500eb144395542f8ea4dfd5ac717
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aee709a20163222200bc752e28511632b32b441b7de3c92f7952bb12ef2a85ab
af83ea416132c93eae2387dc52fd11e82ca3f8ac0c732308f2db71a617b76bb4
afcc0ff8eaabe3ed345b299d2dce33ad3e80ab424fa7f9d85f66805aceb44295
afdcffb3e87480247681350cc3bd1508855fe6b93b258d08c661ce859dba19e2
b0d247d4ae74ae4879a66a19d19b8dee5f564da1dc7fd58dacf3b9d4acb7ee65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fc105d78069718d9d068382258ad0c3d44601b57e0446b2d4a69153c10f95a
b21e8894208f8d634fc7efcad5afa5d3bef4a18a9525d01392cddb6b808691c1
b22bc0cf36519182813e49ab683986f44df53eee72df1d747fe448004e3500f0
b293a1370b4ec4aea6a4025137a5d9875099b5153eb276072dd2135dc35d741a
b34d57d392d7551efdc28d9b2a0f39e70b87c98a900697f99d8172b10a722c3d
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b8c3476159934c82a3b5c8c65eed25e3548f1d23d406926e6c635bc8b5231726
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bc2ddc10513d713715b5aec59e9db77aaa5e34c416ca480c685d57c7ab0ff96d
c4eacfcc5aaba64ab7a309dd1fba55f10547d422d299c967e12b26d2a953db72
c4eda54ce596f32832618b470b39b267c439b64ee51808b77ba2dfe58c6b10ed
c57ed6b58e45d0f7b6ad13cbfc538e33cd4d877816264f53267edb8a376fbaf7
c62b5a0536bfb81b392290d8372aae6ae5ab46a82523fb4f5af3f080ed4a3042
c6de4b9d9a3597e46d4f45e97bc642870c22c58fbb93bf8113061e294c2d3281
c7f40891c6cbf0816c7e00d412cdce2a0fd8c0fdd4cfbbd230289d8f04f4449f
c84c4aad06938ac68ac600fd49f8aabab04dd2d01c709ce5a60e1c6032dfa709
c8d01d5a6c345f8ce06301b6dfa0f951d99730f588b5bc534c247610320e0cc0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccac2f702c1e526c20d5b46c2e1da43108e259972fdae17f6f14d247174af9fd
ccacbfe53d43c2c184aff80396600f362d4ec11d5bb01793454528e20abb3dfd
ccfa34fd29bea66df46e991f74e4a9953a98217d43e1d123daf9b56b86a440fb
cefa46043c384463da822f5ebc6994cc57a7c93912e51df3f462d21de4664a1b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0626da885721442f9dad50e5336a6a6745e91c782f389757231726144be20e2
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d374b36b1dbdafa60f6fd3f1446b8346126c3e3a4e9abcb915c768a01e934e7f
d5fab94395b66f99fdc9bba708bea730318702f8497ab1875639c784815f4106
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
dc4a12ed222a82c9d2b9e9e401100fec3a670f5cca303a719e59715717a349b7
dc7ecaf83ccc6c1ebe365230c3b8b0fc5ef4890d3f1257fbe3e2508f8176e6f0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df2325bc96b204dafa7859cd5a13812012c28fc137e581e8125c5b2db7017cd9
e087da78f9b491fc04dbbc7cf46007144c22004e551cd29cc1eaf34321826682
e17748d26dabd3324d4ed2895bfb03a963b3e20bbc5e9517848b927b08703dab
e17c7231cf6dcf47374f5e5cb6c55e0025515edfbbf56bb6be0ccab2ac10195d
e1c2d8cba21aaca02fd0927c57fa842bf9fe671197aa6b917e3042812634195b
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e673e4f17ce8be6398181af64e8955413a55cbcee468802117772067681061d7
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e70792957a2d6b9fe4f3b638d557b304e23215b8031d9e14e2f61be37f008399
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb0d76560b893b128b8c4ef913babdd68aa3325eba9542c2e5e46cb89c575cff
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ecacf404c411c8b49a4a5cd6082e9f210daeee80ce8aa90f507b781fcb2cf543
ecb7d6ebb3fb3d20844a664ea7b23d15d735c4ef47986411b2b41b0bb062d970
ed88cce4f37b2ef3967bbced09a02e4b62cd838377acb415753b51a6c95ddadd
ee953041ca087b42d712c72f6895e177c950b55f49696d2e487fab4dcb2bc1f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef96ca301ea641523081e68e63f2f560638ddced51273eb16d199198d419755d
f360d8445f981c17aebd6ae0f704bef60a817221aac324e8f54d7df4513bbbb5
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f40ff0a02cd9444f106d1e169af6bbfe22a809265e884c4b5b4333598fa4a35a
f66b3508cf085755fa51cda4a81d51b46fe3a9263373a373eae1f7f1d874265f
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fbebae5dc212002d898f50978953845ffb983669b5b5907a82bef9b941dd2e2b
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fcc3a01d9c6e486f6c57a64b436de0bcab157a31f88728fff58d495784174509