2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2plus2.ua/
Effective URL:
https://2plus2.ua/
Submission: On April 24 via api (April 24th 2022, 9:21:27 am UTC) from GB — Scanned from GB

Summary HTTP 287 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 42 domains to perform 287 HTTP transactions. The main IP is 195.137.240.82, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 2plus2.ua.
TLS certificate: Issued by R3 on March 21st 2022. Valid for: 3 months.

This is the only time 2plus2.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	195.137.240.82 195.137.240.82	29389 (ASN-UNIAN) (ASN-UNIAN)
55	195.137.240.20 195.137.240.20	29389 (ASN-UNIAN) (ASN-UNIAN)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 9	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
11	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 8	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
2	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
2	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (STACKPATH) (STACKPATH)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:1ec:27::... 2620:1ec:27::cafe:1959	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	185.239.173.66 185.239.173.66	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1 2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	54.165.214.53 54.165.214.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 5	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.213.110.128 52.213.110.128	16509 (AMAZON-02) (AMAZON-02)
1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:224... 2600:9000:224a:9c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	44.228.18.69 44.228.18.69	16509 (AMAZON-02) (AMAZON-02)
21	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	51.195.5.40 51.195.5.40	16276 (OVH) (OVH)
287	57

13 195.137.240.82 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

2plus2.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 195.137.240.20 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid4.tsn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (STACKPATH, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1959 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.239.173.66 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.214.53 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-214-53.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.122.147.230 (Milan, Italy) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.110.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-110-128.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:9c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.228.18.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-18-69.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.40 (France)

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	1plus1.video images.1plus1.video — Cisco Umbrella Rank: 430498 api.1plus1.video — Cisco Umbrella Rank: 245932 1plus1.video — Cisco Umbrella Rank: 203054	4 MB
44	googlesyndication.com 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	274 KB
24	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 static.doubleclick.net — Cisco Umbrella Rank: 328 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 195 ad.doubleclick.net — Cisco Umbrella Rank: 191	551 KB
22	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 677 cdn.flashtalking.com — Cisco Umbrella Rank: 881	284 KB
13	2plus2.ua 1 redirects 2plus2.ua	140 KB
11	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 52625 ls.hit.gemius.pl — Cisco Umbrella Rank: 13716	48 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 694 static.adsafeprotected.com — Cisco Umbrella Rank: 527 dt.adsafeprotected.com — Cisco Umbrella Rank: 471	94 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 64	3 KB
9	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 4493 ghb.adtelligent.com — Cisco Umbrella Rank: 4856 ghb1.adtelligent.com Failed sync.adtelligent.com — Cisco Umbrella Rank: 3368	35 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1220 e.clarity.ms — Cisco Umbrella Rank: 2377 c.clarity.ms — Cisco Umbrella Rank: 626	25 KB
8	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6240	19 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	337 KB
7	criteo.com bidder.criteo.com Failed gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 3086	8 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	59 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	112 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 imasdk.googleapis.com — Cisco Umbrella Rank: 411	334 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	137 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	208 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 226 Failed	3 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3476 adservice.google.co.uk — Cisco Umbrella Rank: 5401	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 628	59 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 5531	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	428 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	113 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 6120	17 KB
2	1plus1.ua assay.1plus1.ua	23 KB
2	adtcdn.com player.adtcdn.com — Cisco Umbrella Rank: 22438	112 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 639	527 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 252	17 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 209	554 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 6868	351 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 778	356 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 19318	374 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6092	171 B
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2408	499 B
1	a-mo.net prebid.a-mo.net Failed 1x1.a-mo.net — Cisco Umbrella Rank: 3612	89 B
1	tsn.ua vid4.tsn.ua	718 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1712
0	adnuntius.delivery Failed ads.adnuntius.delivery Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	pubmatic.com Failed hbopenbid.pubmatic.com Failed
287	42

	Domain	Requested by
54	images.1plus1.video	2plus2.ua 1plus1.video
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com 2plus2.ua 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	cdn.flashtalking.com	fw.adsafeprotected.com cdn.flashtalking.com 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net srcdoc 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com googleads.g.doubleclick.net 2plus2.ua tpc.googlesyndication.com fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com www.googletagservices.com
13	2plus2.ua	1 redirects 2plus2.ua
9	gaua.hit.gemius.pl	1 redirects 2plus2.ua gaua.hit.gemius.pl api.1plus1.video 1plus1.video
9	securepubads.g.doubleclick.net	2plus2.ua securepubads.g.doubleclick.net www.googletagservices.com
8	a4p.adpartner.pro	1 redirects 2plus2.ua a4p.adpartner.pro player.adtcdn.com
7	www.google-analytics.com	www.googletagmanager.com a4p.adpartner.pro www.google-analytics.com 2plus2.ua
7	api.1plus1.video	2plus2.ua 1plus1.video api.1plus1.video client imasdk.googleapis.com
6	dt.adsafeprotected.com	8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
6	www.google.com	2 redirects 2plus2.ua api.1plus1.video tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com 2plus2.ua fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	e.clarity.ms	www.clarity.ms e.clarity.ms
5	ghb.adtelligent.com	player.adtelligent.com player.adtcdn.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	www.googletagservices.com	vid4.tsn.ua 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
4	1plus1.video	2plus2.ua 1plus1.video
4	www.googletagmanager.com	2plus2.ua 1plus1.video www.googletagmanager.com
3	static.doubleclick.net	fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
3	mug.criteo.com
3	8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
3	ib.adnxs.com	player.adtcdn.com googleads.g.doubleclick.net
3	fonts.googleapis.com	2plus2.ua api.1plus1.video 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
2	c.clarity.ms	1 redirects
2	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com
2	fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.gstatic.com	www.google.com 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	adservice.google.co.uk	securepubads.g.doubleclick.net
2	sync.adtelligent.com	1 redirects 2plus2.ua
2	pbjs.e-planning.net	1 redirects 2plus2.ua
2	www.facebook.com	2plus2.ua
2	connect.facebook.net	2plus2.ua connect.facebook.net
2	cdn.mouseflow.com	1 redirects 2plus2.ua
2	ls.hit.gemius.pl	gaua.hit.gemius.pl
2	player.adtelligent.com	player.adtcdn.com
2	assay.1plus1.ua	2plus2.ua
2	player.adtcdn.com	2plus2.ua
1	id5-sync.com	player.adtcdn.com
1	static.adsafeprotected.com	8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
1	servedby.flashtalking.com	8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	c.bing.com	1 redirects
1	1x1.a-mo.net	2plus2.ua
1	t.trafmag.com	2plus2.ua
1	onetag-sys.com	player.adtcdn.com
1	adtelligent-d.openx.net	player.adtcdn.com
1	prebid-eu.creativecdn.com	player.adtcdn.com
1	inv-nets.admixer.net	player.adtcdn.com
1	www.google.co.uk	2plus2.ua
1	vid4.tsn.ua	a4p.adpartner.pro
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.clarity.ms	2plus2.ua
1	script.crazyegg.com	www.googletagmanager.com
0	ads.adnuntius.delivery Failed	player.adtcdn.com
0	fastlane.rubiconproject.com Failed	player.adtcdn.com
0	bidder.criteo.com Failed	player.adtcdn.com
0	hbopenbid.pubmatic.com Failed	player.adtcdn.com
0	ghb1.adtelligent.com Failed	player.adtcdn.com
0	prebid.a-mo.net Failed	player.adtcdn.com
287	68

This site contains links to these domains. Also see Links.

Domain
1plus1.video
1plus1.ua
tsn.ua
plus-plus.tv
tet.tv
1plus1.international
biguditv.com
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital
www.facebook.com
www.youtube.com
twitter.com
plus.google.com
vb.me
t.me

Subject Issuer	Validity	Valid
2plus2.ua R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
assay.1plus1.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
adpartner.pro R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
*.tsn.ua Go Daddy Secure Certificate Authority - G2	`2021-10-11` - `2022-11-12`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.a-mo.net Amazon	`2021-08-10` - `2022-09-08`	a year	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://2plus2.ua/
Frame ID: F227EDD6F9A8E7B7F631F049D01DF0CD
Requests: 123 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Frame ID: 6F757CA883AE6898AD9B199D44CA879A
Requests: 44 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 9E3289BBCF99DCDDE8995A88AA853435
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Frame ID: D876A2CED09E819E57D21656263D1713
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=95419707937374220&apuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Frame ID: 6955FF8418A50245D6EDAB411C2F114C
Requests: 3 HTTP requests in this frame

Frame: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=e3fd6642-5de6-411d-ba86-39d35c5725a1&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Fe3fd6642-5de6-411d-ba86-39d35c5725a1%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUwNzkyMDc5LCJzaG93X2lkIjoiZTNmZDY2NDItNWRlNi00MTFkLWJhODYtMzlkMzVjNTcyNWExIiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjVlZTE5ZmVlLWRiMGQtNDEwZi04NDYwLWJjZjZlYTYxMTRhNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3Dabb40389e4b68a140d2accf476695048&bannerNum=95419707937374220
Frame ID: A2B0C839313A0EE9D794614DA47571E3
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225ee19fee-db0d-410f-8460-bcf6ea6114a5%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A382581%252C%2522rule_id%2522%253A24566%252C%2522show_id%2522%253A%2522e3fd6642-5de6-411d-ba86-39d35c5725a1%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3fd6642-5de6-411d-ba86-39d35c5725a1%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Frame ID: E488F1BCF5B6133905580DD74F1918E2
Requests: 1 HTTP requests in this frame

Frame: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6EE2970865BA68B900C0E314B973C64A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 24DF2B96C372CA33747ADEB57E15528A
Requests: 1 HTTP requests in this frame

Frame: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DBD22B8BB1618721C961FE5CCDDF8264
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 95DB1AEB4D8FBFFB20C55133DB831A8C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua
Frame ID: FE8D670BE9C18F3C3AF71D11B5C9EE05
Requests: 2 HTTP requests in this frame

Frame: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 376C0937098DBD334BDDC94A7083713D
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Frame ID: CEC75C03E92A604680E4BE771DB7A6F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9494CF814E46778D0D7F53AA3FD816C4
Requests: 1 HTTP requests in this frame

Frame: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EC457F3CEBFEB0DF499E519E9906C4F
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: A4D1EB9891FD6EBD881EF1E55F506BF1
Requests: 11 HTTP requests in this frame

Frame: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DEFE978A2880F0CBA1E0AB5BED2339E8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARigqPHGATAB&v=APEucNXZz9CfUqCz2GNqr69_uzc0JsLnZ6jnkKy_z3QI5kCA0I7IaSsrsJL17UE4Lw44EKC5qB7eGWF5PuhVYyXwKKDnAHfonfD-VMWvY3X_7bRkE20oN08URPEFIKg5HVFJ0hY7e0vEbHFBRYqEyfiQ07PNtmTwfr1kpZq1QzeQDBLW46p7O80
Frame ID: D40E1CD263E21FC40614064C789714FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA83B0385AFE8ED7786B79D59C533AF5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3747248EDE0AE9849A7A407DBAA1F419
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 45E2382E33297A8C6F13A593F705DA8C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: 3DFBABDE857A8401EE691A63358C1EA9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D9BEE2FBEE08914B879CFBD1F211BC27
Requests: 1 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/142364/3459935/index.html
Frame ID: 219EB3A9BEE21B6C110D3F60D5C357BC
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38C551AB6E96F6400CC3B023470337C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E0ED44BE02A946FD5B711147A816AFD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0C56411AED0B0C54FB18B23D9CDCE2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 27D3A943BE0830F3699C591F7DEAC4B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2+2 - Офіційний сайт каналу онлайнKyivstar

Page URL History Show full URLs

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

287
Requests

91 %
HTTPS

46 %
IPv6

42
Domains

68
Subdomains

57
IPs

10
Countries

6990 kB
Transfer

12486 kB
Size

48
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/groshi
Title: Гроші

Search URL Search Domain Scan URL

URL: https://1plus1.video/sekretnye-materialy
Title: Секретні матеріали

Search URL Search Domain Scan URL

URL: https://1plus1.video/speckor
Title: Спецкор

Search URL Search Domain Scan URL

URL: https://1plus1.video/zateryannyj-mir
Title: Загублений світ

Search URL Search Domain Scan URL

URL: https://1plus1.video/dzhedai-voiny-dorog
Title: ДЖЕДАІ

Search URL Search Domain Scan URL

URL: https://1plus1.ua/

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: http://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://biguditv.com/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://1plus1.video/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: Кар'єра

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: Технічний розділ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.facebook.com/2plus2.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0rUcXe-tsu_MA33brxjDNg?sub_confirmation=1#utm_source=1plus1&utm_medium=social-button-header&utm_campaign=youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/2plus2tvchannel

Search URL Search Domain Scan URL

URL: https://plus.google.com/+2plus2TVchannel

Search URL Search Domain Scan URL

URL: https://vb.me/2plus2

Search URL Search Domain Scan URL

URL: https://t.me/channel2plus2

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2plus2.ua/ HTTP 301
https://2plus2.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js HTTP 301
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

Request Chain 81

https://gaua.hit.gemius.pl/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=230&lsdata=NqzWKIQ6MSkzk2CGHTyPL9uQ0WR95GwoyKh_XZTj4jv.U7lTl2ZZnmCdTbWd_ysBP.pkWMIwYMssdbKTVs7Rv1EDtgad/x9vF3Cugj6ILA/&fpdata=DLJsT_EZ_rpa4JNIPW4hImPTtrqR0FU8LcYK.SXkrfT.t7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=230&lsdata=NqzWKIQ6MSkzk2CGHTyPL9uQ0WR95GwoyKh_XZTj4jv.U7lTl2ZZnmCdTbWd_ysBP.pkWMIwYMssdbKTVs7Rv1EDtgad/x9vF3Cugj6ILA/&fpdata=DLJsT_EZ_rpa4JNIPW4hImPTtrqR0FU8LcYK.SXkrfT.t7&vis=1&fpcap=

Request Chain 105

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=05f84429-bea5-455d-8af0-5ec18fb59f2e HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=05f84429-bea5-455d-8af0-5ec18fb59f2e

Request Chain 118

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=98b923527c9cf1c5

Request Chain 119

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5

Request Chain 172

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&RedC=c.clarity.ms&MXFR=2745B93786E1681A18A8A8A782E1663E HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&MUID=30D1410E915462BE0D43509E90EF633C

Request Chain 183

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=eX1f1XxBSnVMNGduWUNNSHdaVm92RGNPMUdUN2J5dldKcFBmZHJ4NW00b2ViemZraUE4cndkVmJ6WXQrejZjTThmbmFUUS9TT0dTQVd6d1JtdXoxMXpFUnd2NDZTeXY1eFQ5REJ5SFFkcWtRZmpYRUlLenhjZW9mcS8zN1dtMy92QUM0OWRmb2VKUTdFcFlhUkoyM2E5UlcwOXNkQUtoWVg2UE9Tbkw5MXFkNVdsdXN2VVRJcFdoWWxMdzZpTVNqV2FpdVphc092U0p3MXBDUzdPUzloRHFKV0c2aDQvREZxa0tvTjFvQ2hyNThyTFl0d3h6bENvQjdFdjI1UEppV0dTZ2pTTkZWd0duaXRvMFl5ZmszaEZPUGF5Zz09fA&cppv=2

Request Chain 222

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1&C=1

Request Chain 224

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmUWkcX7AqFVasCARQeSfwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMLt8BeC8gcBK5KsOC5brk&google_cver=1

Request Chain 226

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NzI3NDc5NzcyMjc5MTc0Mw%3D%3D

Request Chain 229

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 240

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/909788/61792348/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345&adsafe_preview=${IS_PREVIEW}&adsafe_url=https%3A%2F%2F2plus2.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7da2cd21-403e-af92-c7cf-b77418f260e4,c:aH0IsC,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6c8bfcf75-62sp2,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:e7afe4de-c3af-11ec-8af4-c64fa91da776,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://servedby.flashtalking.com/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345

Request Chain 246

https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&136493835 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_pre=CLHBo92vrPcCFZeHdwodjPQIKg;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&136493835

Request Chain 272

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=KlxeMHxNZFJxanJCeFJwcUNKNWZVYVJJdys2UllNS214QW5yUkJXNFRRNEs4alBSSUpNZktLekdtM1J3dXM1OE4yYkFWbkwyakFhblp2QTBuRllvQWo1d0svMUl4YS93RUd6VXlmSVFtZFRpQ01qWGpxQ2l5RHhHbnJJTmhMN1habzNvWWlWRFcxckc5elF1bVF2aFNWeE9JS0UrbXIzekRWWkY1UFdDOEM4T2xzVE0zSWFVV0xuaFFEUHlGZG9ZNktuMjVTN3R2VUQ5cXl3QXZ4S01YKzY2UmRnSlZuSlh6M2g3dkR2dE5hUXF3VEUwSEpDajJEUHZWeTdGdStMWHBjZlV2QjV5VTB3ZjdSVE9sMTYvcDhXUWRWQT09fA&cppv=2

287 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
2plus2.ua/
Redirect Chain

http://2plus2.ua/
https://2plus2.ua/

127 KB
30 KB

543ms
300ms

Document
text/html

195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 99f6afe6cc1e8c1f2abac312520d075f400508d736961d09a55e4596bc4e0b2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 24 Apr 2022 09:21:18 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 24 Apr 2022 09:21:17 GMT
Keep-Alive: timeout=15
Location: https://2plus2.ua/
Server: nginx

GET
H/1.1 200
OK app.css
2plus2.ua/css/ 158 KB
32 KB 83ms
83ms Stylesheet
text/css 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/css/app.css
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 39220571548b58ae78a03846bcd8621597323406610ca81923789635ee29e59d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 15:03:29 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK codes-initialization.js Show response
2plus2.ua/js/ 2 KB
1 KB 162ms
79ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/codes-initialization.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Oct 2021 08:57:18 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK logo.svg
2plus2.ua/img/icons/ 574 B
883 B 221ms
75ms Image
image/svg+xml 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/icons/logo.svg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Last-Modified: Wed, 19 Sep 2018 09:53:34 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 574
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H2 200 e2861f1619973d76f56ed0df427c3c2d.jpg
images.1plus1.video/other-1/ 92 KB
93 KB 403ms
141ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/e2861f1619973d76f56ed0df427c3c2d.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Mon, 14 Mar 2022 09:09:43 GMT
server: nginx
etag: "e2861f1619973d76f56ed0df427c3c2d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 94507
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 98c2160bfdac3da90abbe0f808ea0a72.jpg
images.1plus1.video/other-1/ 144 KB
145 KB 690ms
429ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/98c2160bfdac3da90abbe0f808ea0a72.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Mon, 21 Mar 2022 10:55:48 GMT
server: nginx
etag: "98c2160bfdac3da90abbe0f808ea0a72"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 147595
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
images.1plus1.video/other-1/ 149 KB
150 KB 617ms
356ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/ceb56f0f3f537ac55cc52a60f7f0e7e7.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Thu, 10 Mar 2022 13:29:18 GMT
server: nginx
etag: "ceb56f0f3f537ac55cc52a60f7f0e7e7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 152959
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 2248efa20ef583a3c94154fe1b7f7e44.jpg
images.1plus1.video/other-1/ 100 KB
100 KB 402ms
141ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/2248efa20ef583a3c94154fe1b7f7e44.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Mon, 14 Mar 2022 09:07:27 GMT
server: nginx
etag: "2248efa20ef583a3c94154fe1b7f7e44"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101989
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 04f8ebf84a773b343016380ce20e531c.jpg
images.1plus1.video/other-1/ 39 KB
40 KB 646ms
429ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/04f8ebf84a773b343016380ce20e531c.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7a730972a54f766683f2cfc1b36b839f3f260e7576b4d6ee293bffda0758d608

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Thu, 21 Apr 2022 04:43:35 GMT
server: nginx
etag: "cdda838e8affcff9dd5c744aaef72817"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 40321
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 6de8cd46fafe694d82523077b82fb064.jpg
images.1plus1.video/other-1/ 22 KB
22 KB 668ms
451ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/6de8cd46fafe694d82523077b82fb064.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 13 Apr 2022 17:04:07 GMT
server: nginx
etag: "d4e63aed867ec770d35150e553ced06c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 22460
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 41d3ecf17d01cdb1556d22528135a0e9.315x280.jpg
images.1plus1.video/news-1/42879/ 33 KB
34 KB 638ms
452ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42879/41d3ecf17d01cdb1556d22528135a0e9.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a5f83ccfc1e6a9b32277fdfcf3e52cb0a57b292c07f9ac31cad461a40b81901

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 18:59:29 GMT
server: nginx
etag: "29e95db05ebc8d8f1e42ad0299708bab"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 34121
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 f9d3bcccaade27bb27ba1d85042088bd.315x280.jpg
images.1plus1.video/news-1/42876/ 34 KB
34 KB 564ms
377ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42876/f9d3bcccaade27bb27ba1d85042088bd.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 27982e7b4e78b96feb5d3bace94b6c7290f812363ff7be278e7f0f8f8ccb88e9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 18:13:14 GMT
server: nginx
etag: "02ee42e2de5a6c7b4f4570a0b668c842"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 34788
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 55c32e2a1cca295b6237b9fbbbde8800.315x280.jpg
images.1plus1.video/news-1/42843/ 21 KB
21 KB 525ms
522ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42843/55c32e2a1cca295b6237b9fbbbde8800.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ec3b661eaa069c3d01cce3146b288964649b25a3649bb456daf5e1fcd2cfedc6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 22 Apr 2022 22:29:48 GMT
server: nginx
etag: "8cd196d77dece5321c98bb1d85169115"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21290
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 37a51b2a51d9e7fb425a89c11c678065.315x280.jpg
images.1plus1.video/news-1/42873/ 32 KB
33 KB 658ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42873/37a51b2a51d9e7fb425a89c11c678065.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: fba3d61af1c632ba9227d48dd1306832b8ab257a156588e10d47a84716e6bd80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 15:55:36 GMT
server: nginx
etag: "cae6c4e75a967f9ac516fdcbeeaccfb5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 33058
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 5a03208cc96c1b22532d8cc0fb9f4358.315x280.jpg
images.1plus1.video/news-1/42840/ 37 KB
38 KB 658ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42840/5a03208cc96c1b22532d8cc0fb9f4358.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 98856ba2e91c0a9254b14b5fe497aa9327d0b8669ffc36fa0356ac3a35d85d0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 22 Apr 2022 22:11:33 GMT
server: nginx
etag: "dbff98c8c3b672ec44db4290dafc1ce2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38256
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 6b9c0c88fb2d601bdcddc8a6699e6c65.315x280.jpg
images.1plus1.video/news-1/42837/ 31 KB
32 KB 646ms
643ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42837/6b9c0c88fb2d601bdcddc8a6699e6c65.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 710655c3653cc6ce3edeb1177d656f4680325f257b5595e5df133cd75c3cb990

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 22 Apr 2022 21:50:36 GMT
server: nginx
etag: "4859b4686132f554d3370cdd3ea0430a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32005
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 d1b6589252e08b597a5270438d538508.315x280.jpg
images.1plus1.video/news-1/42870/ 28 KB
29 KB 523ms
521ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42870/d1b6589252e08b597a5270438d538508.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b09d3edc110b98e6eb7b365405af0c617c945d0f519aa5cf7d319048780ca3d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 13:32:31 GMT
server: nginx
etag: "acfae0ed2307180503e1317c8310a265"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 29153
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 50b17325cb0fedd30802e99a64118d7c.315x280.jpg
images.1plus1.video/news-1/42867/ 40 KB
40 KB 658ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42867/50b17325cb0fedd30802e99a64118d7c.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a252eebaf2dcd374b5b5592def1faca3e67dc221b37ba4661b0c42db2cd7c35e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 13:31:32 GMT
server: nginx
etag: "ecb3f721644f260f08f390445a431cc5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 40755
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 a4d08bd4994e14c9955313db91f9a5d4.jpg
images.1plus1.video/other-1/ 134 KB
135 KB 527ms
524ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/other-1/a4d08bd4994e14c9955313db91f9a5d4.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Thu, 14 Apr 2022 11:33:41 GMT
server: nginx
etag: "847844816f7853a633ce073538d91224"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 137706
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 33af4205cd548160b7b34fd8c46e6f11.315x280.jpg
images.1plus1.video/news-1/42861/ 25 KB
25 KB 525ms
523ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42861/33af4205cd548160b7b34fd8c46e6f11.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 166fcbb16a3701e24240bf3bf2152b79d16e81653d554412e72f6dca96b832a4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 11:36:45 GMT
server: nginx
etag: "8842aa4e8327a4ec59aada22b73f98b9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25640
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 776d5bd7415f516f1bd0591d6ac0d9da.315x280.jpg
images.1plus1.video/news-1/42828/ 27 KB
28 KB 650ms
647ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42828/776d5bd7415f516f1bd0591d6ac0d9da.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 861ea8eb7a9087b8f0287a2a9b71b96e65323ecac53fb0d3d434cb86daa397d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 22 Apr 2022 14:38:45 GMT
server: nginx
etag: "a26a8540840ec5ffd6c43f346e7924b1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 27933
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 881b2db7245a6d28859ef1834b0ace92.315x280.jpg
images.1plus1.video/news-1/42858/ 42 KB
42 KB 658ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/news-1/42858/881b2db7245a6d28859ef1834b0ace92.315x280.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f5b6841687a61f03d74675aecb7dba7dd8c3d7affbc7918e22039ecd4599c07

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Sat, 23 Apr 2022 10:02:47 GMT
server: nginx
etag: "5b96180a387a6f6939da8d355a05f82e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 42523
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
images.1plus1.video/card-5/GRsFFLJ2/ 18 KB
18 KB 519ms
517ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/GRsFFLJ2/3c5c29a352791c18019bdcc02ee5fbc7.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 22 Feb 2022 17:53:08 GMT
server: nginx
etag: "1fff169ec8591ae472ce69439a5f36a9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18118
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
images.1plus1.video/card-5/ktBGOYx2/ 21 KB
21 KB 518ms
516ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ktBGOYx2/9a5058bd954e39305ea3ca42fdcd186a.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 18 Feb 2022 17:38:19 GMT
server: nginx
etag: "e087103a4d5306b33b4a26ca74f46a95"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21081
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 f90d7f24621086ba471318342646e06b.285x285.jpg
images.1plus1.video/card-5/DagrnyGt/ 27 KB
27 KB 441ms
438ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/DagrnyGt/f90d7f24621086ba471318342646e06b.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 18 Feb 2022 17:27:39 GMT
server: nginx
etag: "ca4ef5c2e2792b2dfb7e7787c80e99f6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 27722
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
images.1plus1.video/card-5/nRAVUWV2/ 30 KB
31 KB 658ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/nRAVUWV2/8e8cb6e0f36b0d85cd8c6981e4eb4b31.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 16 Feb 2022 16:37:24 GMT
server: nginx
etag: "da80bf2f888498741dc109276ffe8f47"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 31038
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
images.1plus1.video/card-5/9CmkgJyR/ 25 KB
25 KB 508ms
505ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/9CmkgJyR/68536a5f7c4f28c824ac18907f67e6c0.285x285.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 16 Feb 2022 16:24:36 GMT
server: nginx
etag: "5bfc6a30c49959728c337dce58dda0a3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 25395
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
images.1plus1.video/playlist-1/140731/ 98 KB
98 KB 519ms
516ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/140731/cdce52f6d8885ef25314a4977eb592c8.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 18 Jan 2022 14:42:46 GMT
server: nginx
etag: "8bbc0a9d2074e0f2861716372d19b7a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 100315
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 8789930c322a5a2de04ad202edee81be.490x300.jpg
images.1plus1.video/playlist-1/145042/ 72 KB
72 KB 633ms
630ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/145042/8789930c322a5a2de04ad202edee81be.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 18 Jan 2022 14:41:33 GMT
server: nginx
etag: "6fe6cd0165380ba7809f27a4e2029504"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 73347
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 5dc777c6a08b8536906fff608805f4ad.490x300.jpg
images.1plus1.video/playlist-1/70286/ 100 KB
100 KB 527ms
524ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/70286/5dc777c6a08b8536906fff608805f4ad.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 16 Jun 2021 15:26:13 GMT
server: nginx
etag: "61a7a9a574200a699aba40246cff75f8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 101953
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 73f64084c4b6012843a0ad4a723ab950.490x300.jpg
images.1plus1.video/playlist-1/93757/ 84 KB
84 KB 655ms
653ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93757/73f64084c4b6012843a0ad4a723ab950.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 22 Jun 2021 07:50:02 GMT
server: nginx
etag: "3fcbb749663669f24ae1bf6426c6776a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
images.1plus1.video/playlist-1/4844/ 97 KB
97 KB 654ms
652ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "a8a6b117d153ff197675175afd73848d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 99044
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
images.1plus1.video/playlist-1/5252/ 161 KB
161 KB 657ms
655ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/512ac948dba8c0ed8ed754631bb4084f.490x300.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Fri, 18 Jun 2021 07:37:16 GMT
server: nginx
etag: "f3aeeec15e404524760bdf792fd61b50"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 164699
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ 59 KB
60 KB 441ms
439ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ 32 KB
32 KB 507ms
505ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
images.1plus1.video/playlist-1/4844/ 68 KB
68 KB 527ms
524ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/4844/d3374a1b77fa3b8ce94d5845e061d8f0.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Tue, 18 Jan 2022 14:44:06 GMT
server: nginx
etag: "af334573b8e9890738512cd9a210350e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 69740
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 5ee354d25b6e1328f52453b530bd859f.220x330.jpg
images.1plus1.video/playlist-1/46546/ 18 KB
19 KB 441ms
439ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46546/5ee354d25b6e1328f52453b530bd859f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 23 Feb 2022 11:06:28 GMT
server: nginx
etag: "7037a4d516fbc5445a7d1a251f1a5c6f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 18756
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ 86 KB
87 KB 633ms
631ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H/1.1 200
OK footer-email.png
2plus2.ua/img/ 774 B
1 KB 145ms
74ms Image
image/png 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/footer-email.png
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 774
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK ads.js Show response
2plus2.ua/js/ 19 B
351 B 137ms
74ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/ads.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Last-Modified: Tue, 29 Jan 2019 14:06:43 GMT
Server: nginx
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
2plus2.ua/js/vendor/ 85 KB
35 KB 152ms
152ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery-3.2.1.min.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
2plus2.ua/js/vendor/ 42 KB
13 KB 82ms
82ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/owl.carousel.min.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
2plus2.ua/js/vendor/ 3 KB
2 KB 87ms
75ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mousewheel.min.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK jquery.mCustomScrollbar.concat.min.js Show response
2plus2.ua/js/vendor/ 44 KB
15 KB 159ms
81ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/vendor/jquery.mCustomScrollbar.concat.min.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Nov 2018 12:17:34 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H/1.1 200
OK app.js Show response
2plus2.ua/js/ 19 KB
7 KB 162ms
75ms Script
application/javascript 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://2plus2.ua/js/app.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: f76c9bd7fbdf9ac8175846d7d6664bf0946c38e0431c86468279303a79d9ed99

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Feb 2022 10:05:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 08:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 09:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 09:21:18 GMT

GET
H2 200 hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458553/ 374 KB
111 KB 240ms
101ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 17:10:25 GMT
server: cloudflare
etag: W/"6262e181-5d9c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Fi6WGRpEV3IAXx8AeKTKgiQ5N4mfOI9tsAx%2FgIRWFg6%2FqGFw2DZ6B5aMWt9qkTN5NyGFZSsPygdVpD1GJ3OyY0qsNJNV9vfpClDnOrS3kndFeg8ZHcx8griOyCesqYxVBsRYxak%2Bpc0QuksVYbqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 700dc49c3aa63757-MXP
expires: Sun, 24 Apr 2022 09:36:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 148ms
57ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

482000269a8443d2127483ba8e4a4637673a1779f5fb87bde1c864b766de192c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28647
x-xss-protection: 0
server: sffe
etag: "1195 / 106 of 1000 / last-modified: 1650665455"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Apr 2022 09:21:18 GMT

GET
H2 200 wrapper_hb_298309_11708.js Show response
player.adtcdn.com/prebidlink/458553/ 787 B
1 KB 142ms
77ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/458553/wrapper_hb_298309_11708.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 22 Apr 2022 17:10:25 GMT
server: cloudflare
etag: W/"6262e181-313"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6tbL8IAeSBkICPfp9u64HD3Jk5uTmiyoW2Cm1LagHWHfhf127kSseHqZQm7B6fePbAxAOoLrbSGqYDTtFPZipujsZJFQ%2BVD7y92%2BtRAvL47rsvk5eLAG5ReKdNAO2a2ww0NEfeyT9P4JlO9uZ1KxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 700dc49c3aa93757-MXP
expires: Sun, 24 Apr 2022 09:36:03 GMT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 257ms
78ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 03 Jul 2017 15:36:13 GMT
server: nginx
etag: W/"595a646d-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
60 KB 156ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b83210f573e877327d53e4a0fc6895117403533f2e72bc4d39030145a7ca09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61099
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Apr 2022 09:21:18 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 186ms
58ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/js/codes-initialization.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Sun, 24 Apr 2022 21:21:18 GMT

GET
H/1.1 200
OK api.gpt.js Show response
api.1plus1.video/static/js/ 12 KB
5 KB 338ms
79ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.gpt.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 13:10:52 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:19:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 188ms
99ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:48:08 GMT
x-content-type-options: nosniff
age: 383590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:48:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2plus2.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 383748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:30 GMT

GET
H/1.1 200
OK 12XPPTDu Show response
1plus1.video/video/embed/ Frame 6F75 10 KB
5 KB 346ms
95ms Document
text/html 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f395c29c567db8929b9488fc87a67ff609fdd0908481079f904902c5a2a5a7b9

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Apr 2022 09:21:18 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 vunit Show response
a4p.adpartner.pro/ 12 KB
3 KB 189ms
58ms Script
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&0.4459216193782254
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK pattern.jpg
2plus2.ua/img/ 1 KB
2 KB 75ms
75ms Image
image/jpeg 195.137.240.82
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2plus2.ua/img/pattern.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/css/app.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.82 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/css/app.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Last-Modified: Wed, 10 Oct 2018 15:20:08 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1355
Expires: Sun, 08 May 2022 09:21:18 GMT

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ 512 KB
512 KB 521ms
519ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:18 GMT
expires: Sun, 01 May 2022 09:21:18 GMT

GET
H2 200 pubads_impl_2022042001.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
123 KB 46ms
46ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 18:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126015
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Apr 2023 18:03:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
108 B 143ms
54ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Sun, 24 Apr 2022 09:21:18 GMT

GET
H2 200 hbw_master_298309_11708.js Show response
player.adtelligent.com/prebidlink/458553/ 138 KB
30 KB 108ms
31ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458553/hbw_master_298309_11708.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/wrapper_hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 1da6926b2edcc20189e7f8dc68854eacc075ba267c2d77dd851ee8a1749e823b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 17:10:25 GMT
server: nginx
etag: W/"6262e181-227cd"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 26 Apr 2022 09:21:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=2plus2.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 26416df163672383736830eedac6dfe555f178f84326e636b42a23b64f0bb6c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Tue, 24 May 2022 09:21:18 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 9E32 5 KB
3 KB 194ms
58ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 8e8903aa6515c92e0d04a42a7a96ef8ef1151845cfda2179cc8672e83d258548

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2713
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:19 GMT
etag: PRIVATE7520710249
expires: Tue, 24 May 2022 09:21:19 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 6F75 171 KB
26 KB 147ms
146ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:05:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:17:32 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 6F75 198 KB
69 KB 221ms
73ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:17:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 6F75 98 KB
38 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

638b38d93e620d6cbb799c06475f9ecb29f258a775f85c2d1de3b54b4ec6b70c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38820
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H2 200 vunit.min.js Show response
a4p.adpartner.pro/apstc/ 48 KB
12 KB 117ms
117ms Script
application/javascript 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.4459216193782254
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
cache-control: no-store no-transform
last-modified: Tue, 15 Mar 2022 16:47:24 GMT
server: nginx
content-encoding: br
etag: W/"6230c31c-c158"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame D876 0
0 263ms
263ms Document
text/plain 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.4459216193782254
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Sun, 24 Apr 2022 09:21:19 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/vunit/ Frame 6955 5 KB
2 KB 111ms
111ms Document
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=95419707937374220&apuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=1412&0.4459216193782254
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 74a6c62e817179670e62c48e7c09ac73c811a526cbf854ba9142fdabb9ff2d4a

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 24 Apr 2022 09:21:19 GMT
server: nginx

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 145ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1e21c2fbe15539a6989e0a1256c9f4e73412e49dd85437305dce8ef7c0aa8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67819
x-xss-protection: 0
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6389
date: Sun, 24 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Apr 2022 09:34:50 GMT

GET
H2

200

960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7.js
https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js

53 KB
17 KB

57ms
57ms

Script
application/javascript

23.111.9.38
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 23.111.9.38 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 09:09:45 GMT
server: NetDNA-cache/2.2
etag: W/"65602a38164fd81:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/960ccfd6-74cb-4236-9230-f2f5d1c9d1c7_eu.js
date: Sun, 24 Apr 2022 09:21:19 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H2 410 3674.js
script.crazyegg.com/pages/scripts/0068/ 0
0 186ms
71ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/3674.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2BBRKX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Apr 2022 15:47:04 GMT
server: cloudflare
age: 63255
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 700dc49eac482373-ZRH
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 123ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 7pyBYtaXl9hzh4ro/joLwXRDzqe7YfPDs6t5JU3szwYv4sUkBAM9TB03nBXF2W+rPwmt4EL93Xn+w/R6VGqlkg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 24 Apr 2022 09:21:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 al26fychxj Show response
www.clarity.ms/tag/ 1 KB
1 KB 352ms
168ms Script
application/x-javascript 2620:1ec:27::cafe:1959
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/al26fychxj
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1959 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 676411366e71f04c2ff350ff21efca86e9de93ac0524aff378f6edd6e5e52a30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:18 GMT
x-powered-by: ASP.NET
x-azure-ref: 0jxZlYgAAAAD1idwaLcl9RpCX53QaCMkWUk9NMzBFREdFMDgwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
content-length: 1079
expires: -1

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 85ms
28ms XHR
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bad0f3630b73f5dcb369227282d76dba6fb01d3eab89a8a16acb5e053cbf1f6

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 00:02:11 GMT
server: nginx
etag: W/"6261f083-1178"
content-type: application/json
access-control-allow-origin: https://2plus2.ua
expires: Tue, 26 Apr 2022 09:21:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 136 B
378 B 514ms
30ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458553/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: fba6ca9533a68c0f3cd0f7d68490d3ca758ea6f239766cebb7c1eb2f9afbba26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Sun, 24 Apr 2022 09:21:19 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 136
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
403 B 513ms
30ms XHR
image/gif 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=11708&full_page_url=https%3A%2F%2F2plus2.ua%2F&adid=d2zc8j.xa&features=16416&vpbv=N058&lifecycle_tte=1519
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458553/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Sun, 24 Apr 2022 09:21:19 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 92ms
92ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&idsite=6&rec=1&r=718564&h=9&m=21&s=19&url=https%3A%2F%2F2plus2.ua%2F&_id=3229d98544ba6c7a&_idts=1650792079&_idvc=1&_idn=0&_refts=0&_viewts=1650792079&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=302

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6955 49 KB
20 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=95419707937374220&apuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6389
date: Sun, 24 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Apr 2022 09:34:50 GMT

POST
H2 200 vunit Show response
a4p.adpartner.pro/ Frame 6955 3 KB
1 KB 65ms
64ms XHR
text/html 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/vunit?id=1412&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=95419707937374220&apuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: 49c8fa573b7dfc3dfc9f16f84e204c0da6b295657e306f348ab74b88c4c38d0a

Request headers

Referer: https://a4p.adpartner.pro/vunit/ls?vunit=1412&bannerNum=95419707937374220&apuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5&session_pageview=1&session_id=52007b96-087f-4e83-9f5c-1a2ca6f17d71&site_visited=1&location=https%3A%2F%2F2plus2.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
cache-control: no-store no-transform
server: nginx
content-encoding: br
content-type: text/html; charset=utf-8

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1650792079136/
Redirect Chain

https://gaua.hit.gemius.pl/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2...
https://gaua.hit.gemius.pl/__/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.u...

169 B
422 B

90ms
90ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=230&lsdata=NqzWKIQ6MSkzk2CGHTyPL9uQ0WR95GwoyKh_XZTj4jv.U7lTl2ZZnmCdTbWd_ysBP.pkWMIwYMssdbKTVs7Rv1EDtgad/x9vF3Cugj6ILA/&fpdata=DLJsT_EZ_rpa4JNIPW4hImPTtrqR0FU8LcYK.SXkrfT.t7&vis=1&fpcap=
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 5e569b0acd80e613b14d26fe3cd79346a8b26fb844fc4e76018112f0af7f40d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 23 Apr 2022 09:21:19 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1650792079136/rexdot.js?l=100&id=nGhLmYBVmH9lDxK8n6qDIKPertEG4oNkPFAhnpWOfo3.H7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F2plus2.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=230&lsdata=NqzWKIQ6MSkzk2CGHTyPL9uQ0WR95GwoyKh_XZTj4jv.U7lTl2ZZnmCdTbWd_ysBP.pkWMIwYMssdbKTVs7Rv1EDtgad/x9vF3Cugj6ILA/&fpdata=DLJsT_EZ_rpa4JNIPW4hImPTtrqR0FU8LcYK.SXkrfT.t7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Apr 2022 09:21:19 GMT

GET
H3 200 450887889857312 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 85ms
41ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/450887889857312?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88805
x-xss-protection: 0
pragma: public
x-fb-debug: BywuUAUHxQA3flLhH4LfhX0dO+AXo8XJDcVxJAchzP55q2cx3wqZLRlXU9zACtwQKF0x+1auFSJ7YNxvXwUfgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 24 Apr 2022 09:21:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 170ms
57ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=179405997&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1851487565&gjid=1671779086&cid=347430055.1650792079&tid=UA-3838466-26&_gid=1218911043.1650792079&_r=1&gtm=2wg4k0W2BBRKX&z=1038378220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 102ms
56ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=179405997&t=pageview&_s=1&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1110063251&gjid=1974141418&cid=347430055.1650792079&tid=UA-113262294-1&_gid=1218911043.1650792079&_r=1&gtm=2wg4k0W2BBRKX&z=1783165185

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 6F75 898 B
2 KB 106ms
92ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650792079268
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a671ce534bfafe05a922189e73b9acd03afa20088568b5ae3b9809f93be56e02

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6F75 118 KB
44 KB 66ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07a757ca2bb1f12e8c1c16db04afcc62303e08f69e38b13d5a13717feaf0fd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44657
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Apr 2022 09:21:19 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 48ms
47ms Ping
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KRRGZR24WG&gtm=2oe4k0&_p=179405997&_z=ccd.NbB&cid=347430055.1650792079&ul=en-us&sr=1600x1200&_s=1&sid=1650792079&sct=1&seg=0&dl=https%3A%2F%2F2plus2.ua%2F&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KRRGZR24WG&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 119ms
34ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3838466-26&cid=347430055.1650792079&jid=1851487565&gjid=1671779086&_gid=1218911043.1650792079&_u=YEBAAAAAAAAAAC~&z=1228489609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Apr 2022 09:21:19 GMT
content-type: text/plain
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 6F75 49 KB
20 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6389
date: Sun, 24 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Apr 2022 09:34:50 GMT

GET
H2 200 2plus2.html Show response
vid4.tsn.ua/adv/Adpartner/ Frame A2B0 1021 B
718 B 344ms
75ms Document
text/html 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=e3fd6642-5de6-411d-ba86-39d35c5725a1&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Fe3fd6642-5de6-411d-ba86-39d35c5725a1%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUwNzkyMDc5LCJzaG93X2lkIjoiZTNmZDY2NDItNWRlNi00MTFkLWJhODYtMzlkMzVjNTcyNWExIiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjVlZTE5ZmVlLWRiMGQtNDEwZi04NDYwLWJjZjZlYTYxMTRhNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3Dabb40389e4b68a140d2accf476695048&bannerNum=95419707937374220
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.423
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 10d2a6ea0bf55991c488f4da1a20347f2b8def032d90c361052f981cb1a66aed

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Sun, 24 Apr 2022 09:21:19 GMT
expires: Sun, 24 Apr 2022 09:26:19 GMT
last-modified: Fri, 08 Feb 2019 09:48:54 GMT
server: nginx
vary: Accept-Encoding
x-1p1-cdn: REVALIDATED; Sun, 24 Apr 2022 09:15:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 134ms
42ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=450887889857312&ev=PageView&dl=https%3A%2F%2F2plus2.ua%2F&rl=&if=false&ts=1650792079453&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1650792079448.1155339871&it=1650792079153&coo=false&rqm=GET

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame E488 0
139 B 59ms
58ms Document
image/gif 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%25225ee19fee-db0d-410f-8460-bcf6ea6114a5%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A382581%252C%2522rule_id%2522%253A24566%252C%2522show_id%2522%253A%2522e3fd6642-5de6-411d-ba86-39d35c5725a1%2522%257D%255D%252C%2522unit_id%2522%253A1412%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e3fd6642-5de6-411d-ba86-39d35c5725a1%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252F2plus2.ua%25252F%2522%257D
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Sun, 24 Apr 2022 09:21:19 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.34/ 53 KB
23 KB 338ms
110ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/al26fychxj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: br
etag: "1d84ac37b962954"
last-modified: Thu, 07 Apr 2022 21:07:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 6F75 108 KB
33 KB 164ms
164ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=4844&l=ua&f=0&auth=1&login_profile=1&_t=1650792079268
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:58:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:19:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 164ms
67ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=347430055.1650792079&jid=1851487565&_u=YEBAAAAAAAAAAC~&z=1122142416

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 177ms
64ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3838466-26&cid=347430055.1650792079&jid=1851487565&_u=YEBAAAAAAAAAAC~&z=1122142416

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST c
prebid.a-mo.net/a/ 0
0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
499 B 135ms
42ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 4 KB
773 B 48ms
48ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: fa08cf746d9f4b99c9670550de311d2abe538309aa150c0c3801582f153b4eb9

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 492

POST /
ghb1.adtelligent.com/v2/auction/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

POST cdb
bidder.criteo.com/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 195ms
66ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
374 B 121ms
50ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F2plus2.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b2b18464-295f-4880-856c-acda6e460221%2Cfd3296bb-5b3e-4ea8-ad05-13ad92a25c6f%2C3f97177d-f7d1-473d-9ebd-19c6002fdacf%2Cab880a80-d346-4878-b1b3-c28aef3b1233&nocache=1650792079635&pubcid=05f84429-bea5-455d-8af0-5ec18fb59f2e&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=2000x1300%7C300x250%7C300x600%7C1440x180&divids=div-gpt-ad-1563887551234-0%2Cad-slot-1%2Cad-slot-2%2Cgpt-0d0f411b-6ec5-439a-8383-958e063c178b&aucs=%252F82479101%252F2plus2.ua%252FBranding%2523div-gpt-ad-1563887551234-0%2C%252F82479101%252F2plus2.ua%252F2plus2_300x250%2523ad-slot-1%2C%252F82479101%252F2plus2.ua%252F2plus2_300x600_2%2523ad-slot-2%2C%252F82479101%252F2plus2.ua%252Fcatfish%2523gpt-0d0f411b-6ec5-439a-8383-958e063c178b&auid=541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 9e50bfa7ad08391ec756196d372cb6f5e50c9b1974ee3e42e6eb8cf930a0913e

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://2plus2.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/2plus2.ua/ROS?rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2...
https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2...

433 B
842 B

36ms
35ms

XHR
application/json

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=05f84429-bea5-455d-8af0-5ec18fb59f2e
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Server: 46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://2plus2.ua
expires: Sun, 24 Apr 2022 09:21:19 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 433
x-sid: AMS-746

Redirect headers

date: Sun, 24 Apr 2022 09:21:19 GMT
server: openresty
access-control-allow-origin: https://2plus2.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/2plus2.ua/ROS?ct=1&r=pbjs&rnd=0.2617666370189846&e=2000x1300_0%3A2000x1300%2B300x250_0%3A300x250%2B300x600_0%3A300x600%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F2plus2.ua%2F&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2F2plus2.ua%2F&e_pubcid=05f84429-bea5-455d-8af0-5ec18fb59f2e
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-746

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
249 B 58ms
58ms XHR
application/json 54.38.197.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8047&sizes=1440x180&referer=https%3A%2F%2F2plus2.ua%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-01.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:19 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 140ms
44ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://2plus2.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST i
ads.adnuntius.delivery/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 448 B
564 B 43ms
43ms XHR
application/json 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=648466&aid2=648467&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458553/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4ff41dff0da924b0ff84aa9092049f579e120b0e5763a2899d77b7f03d709fce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://2plus2.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 283

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 6F75 56 KB
9 KB 85ms
84ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t850218573320
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:21:19 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 6F75 925 B
606 B 138ms
50ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=98b923527c9cf1c5

35 B
351 B

185ms
60ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=98b923527c9cf1c5
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:20 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=98b923527c9cf1c5
Date: Sun, 24 Apr 2022 09:21:19 GMT
Server: VertaMedia 1.0
Etag: 98b923527c9cf1c5
Content-Length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5

0
407 B

771ms
296ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:19 GMT
Server: VertaMedia 1.0
Etag: 98b923527c9cf1c5
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=5ee19fee-db0d-410f-8460-bcf6ea6114a5
date: Sun, 24 Apr 2022 09:21:19 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A2B0 84 KB
29 KB 139ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: vid4.tsn.ua
URL: https://vid4.tsn.ua/adv/Adpartner/2plus2.html?adId=382581&unitId=1412&showId=e3fd6642-5de6-411d-ba86-39d35c5725a1&link=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F1412%2F382581%2Fe3fd6642-5de6-411d-ba86-39d35c5725a1%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjUwNzkyMDc5LCJzaG93X2lkIjoiZTNmZDY2NDItNWRlNi00MTFkLWJhODYtMzlkMzVjNTcyNWExIiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjVlZTE5ZmVlLWRiMGQtNDEwZi04NDYwLWJjZjZlYTYxMTRhNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%3D%26hash%3Dabb40389e4b68a140d2accf476695048&bannerNum=95419707937374220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b92acba360e73f87888cefb8b34869639f19e22b777614961f151b0c06bf4863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28699
x-xss-protection: 0
server: sffe
etag: "1195 / 536 of 1000 / last-modified: 1650665358"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6F75 5 KB
665 B 139ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t850218573320

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 09:10:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 09:21:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 09:21:19 GMT

GET
H2 204 g_pbto
1x1.a-mo.net/hbx/ 0
89 B 358ms
116ms Image
text/plain 54.165.214.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1650792079829&eid=720729e0a32d758
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.214.53 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-214-53.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 141ms
50ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 145ms
50ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=2plus2.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 179 KB
52 KB 1047ms
1046ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1939731011404494&correlator=1148073249725907&eid=31065714%2C31067189%2C31067238%2C31067243%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042001&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2CBranding%2C2plus2_300x250%2C2plus2_300x600_2%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=2000x1300%2C300x250%2C300x600%2C1440x180&ifi=1&adks=3753537382%2C3937908213%2C3276604062%2C1425882295&sfv=1-0-38&ecs=20220424&fsapi=false&prev_scp=Project_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_2plus2%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1650792079855&lmt=1650792079&dlt=1650792078255&idt=760&biw=1600&bih=1200&adxs=-200%2C992%2C1015%2C-12245933&adys=50%2C645%2C1025%2C-12245933&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2F2plus2.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=2000x-1%7C300x250%7C300x600%7C1600x-1&msz=2000x-1%7C300x0%7C300x0%7C0x-1&fws=516%2C4%2C4%2C644&ohw=1600%2C300%2C300%2C1600&ga_vid=347430055.1650792079&ga_sid=1650792080&ga_hid=179405997&ga_fc=true&btvi=0%7C0%7C0%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

f1ba16d59fcef7f8c3eb7484d74c1765875f83f9c55d03e63501dbdaf1c71f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53195
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://2plus2.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6EE2 6 KB
4 KB 172ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
expires: Mon, 24 Apr 2023 09:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 182ms
61ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:21:20 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/ Frame 6F75 395 KB
147 KB 138ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QENb_qRrX0-mQMyENQjD6Fuj/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150075
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 04:06:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 17:10:51 GMT

GET
H3 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A2B0 362 KB
123 KB 42ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Apr 2023 09:09:02 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 24DF 0
18 B 85ms
42ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://2plus2.ua
Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://2plus2.ua
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect Show response
e.clarity.ms/ 0
65 B 107ms
107ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 62ms
61ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.gpt.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Sun, 24 Apr 2022 21:21:20 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 106ms
38ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Apr 2022 09:21:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame A2B0 107 B
122 B 135ms
50ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A2B0 107 B
122 B 136ms
52ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vid4.tsn.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A2B0 101 KB
32 KB 397ms
396ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3690888436948231&correlator=3920491060948016&eid=31067189&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=82479101%2C2plus2.ua%2Ccontent_600x350&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=600x350%7C600x300&ifi=1&adks=3470641489&sfv=1-0-38&ecs=20220424&fsapi=false&eri=4&sc=1&cdm=vid4.tsn.ua&abxe=1&dt=1650792080183&lmt=1549619334&dlt=1650792079750&idt=403&biw=-12245933&bih=-12245933&isw=600&ish=354&adxs=0&adys=0&ucis=31pebi268926&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Fvid4.tsn.ua%2Fadv%2FAdpartner%2F2plus2.html%3FadId%3D382581%26unitId%3D1412%26showId%3De3fd6642-5de6-411d-ba86-39d35c5725a1%26link%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F1412%252F382581%252Fe3fd6642-5de6-411d-ba86-39d35c5725a1%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjUwNzkyMDc5LCJzaG93X2lkIjoiZTNmZDY2NDItNWRlNi00MTFkLWJhODYtMzlkMzVjNTcyNWExIiwiYWRfdW5pdF9pZCI6MTQxMiwicnVsZV9pZCI6MjQ1NjYsImFkX2lkIjozODI1ODEsImRhdGFfc291cmNlIjoiIiwicGxhdGZvcm1faWQiOjEsIm9zX2lkIjo1LCJicm93c2VyX2lkIjoxLCJjdXN0b21lcl9pZCI6IjVlZTE5ZmVlLWRiMGQtNDEwZi04NDYwLWJjZjZlYTYxMTRhNSIsInJlZ2lvbl9pZCI6MTEyLCJzdWJfcmVnaW9uX2lkIjowLCJjaXR5X2lkIjowLCJpc19yZWZyZXNoIjpmYWxzZX0%253D%2526hash%253Dabb40389e4b68a140d2accf476695048%26bannerNum%3D95419707937374220&ref=https%3A%2F%2F2plus2.ua%2F&top=https%3A%2F%2F2plus2.ua%2F&frm=24&vis=1&scr_x=-12245933&scr_y=-12245933&psz=600x354&msz=600x0&fws=256&ohw=0&ea=0&ga_vid=914595655.1650792080&ga_sid=1650792080&ga_hid=1869559307&ga_fc=false&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

646c32e35e151665ef859f8cc5c59a909dd3681f4f0857ef19b4e818a87bce50

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLjuqdyvrPcCFdXruwgdEcgL5A&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLjuqdyvrPcCFdXruwgdEcgL5A&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33192
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 24 Apr 2022 09:21:20 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vid4.tsn.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBD2 6 KB
3 KB 76ms
49ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
expires: Mon, 24 Apr 2023 09:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=179405997&t=event&ni=1&_s=2&dl=https%3A%2F%2F2plus2.ua%2F&ul=en-us&de=UTF-8&dt=2%2B2%20-%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=2d7kku&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=347430055.1650792079&tid=UA-3838466-26&_gid=1218911043.1650792079&gtm=2wg4k0W2BBRKX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fal26fychxj%2F1whovga%2F2d7kku&z=1793299482

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Apr 2022 13:28:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71600
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
25 B 326ms
326ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:19 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 6F75 153 KB
53 KB 74ms
73ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/12XPPTDu?autoplay=0&l=ua&logo=plus2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Mar 2019 13:06:09 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:21:05 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A2B0 14 KB
11 KB 153ms
63ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a525aa66d7ff9cd427528325167561440fd6058d7fab4f4b4d2d2de32e71448e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10607
x-xss-protection: 0

GET
H2 200 c7cdf394dc8482759f9077a41e4abf22.custom.jpg
images.1plus1.video/card-5/12XPPTDu/ Frame 6F75 512 KB
512 KB 100ms
99ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/12XPPTDu/c7cdf394dc8482759f9077a41e4abf22.custom.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 23 Feb 2022 17:22:14 GMT
server: nginx
etag: "8cdf6bac6c3c122e283456481462d852"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 523866
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
DATA 200
OK truncated
/ Frame 6F75 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 6F75 24 KB
24 KB 124ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:48:08 GMT
x-content-type-options: nosniff
age: 383592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:48:08 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ Frame 6F75 44 KB
44 KB 123ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 383750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:45:30 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 6F75 22 KB
6 KB 59ms
59ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Sun, 24 Apr 2022 21:21:20 GMT

GET
H/1.1 200
OK 4844 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 6F75 5 KB
2 KB 102ms
102ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/4844?cid=12XPPTDu&vct=3&_t210276590423
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 843833f27c6fc80007f3d829a57eba1f34767863c3d61f5dc56f9da26c4742d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 6F75 41 KB
11 KB 58ms
58ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11182
expires: Sun, 24 Apr 2022 21:21:20 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 6F75 33 KB
13 KB 124ms
80ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Tue, 24 May 2022 09:17:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6F75 376 KB
126 KB 174ms
74ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128368
x-xss-protection: 0
expires: Sun, 24 Apr 2022 09:21:20 GMT

GET
H2 200 7685b7308bb44288c4f399496048c4df.220x330.jpg
images.1plus1.video/playlist-1/945/ Frame 6F75 59 KB
60 KB 933ms
933ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/945/7685b7308bb44288c4f399496048c4df.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Thu, 20 Jan 2022 12:33:22 GMT
server: nginx
etag: "8bae3cce1b9ac9a8d0dc652c45b532de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 60741
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
images.1plus1.video/playlist-1/5312/ Frame 6F75 32 KB
32 KB 1426ms
1426ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5312/74a4f00b1034d1e5de44c52c5afaf1fd.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 19 Jan 2022 15:44:36 GMT
server: nginx
etag: "051dae29b6412985e0d02f1883f31c84"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 32599
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
images.1plus1.video/playlist-1/5252/ Frame 6F75 86 KB
87 KB 1063ms
1063ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5252/c9b0c9a776f78f3b56b9024ff259bf6d.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=eacbf4335f801d7aa63e99545d1ca27c74a15fff
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 19 Jan 2022 15:43:20 GMT
server: nginx
etag: "90f688b5780469424dc2f50e497a080f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 88537
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 228b454045e09c310f5527498a6a5ce1.220x330.jpg
images.1plus1.video/playlist-1/120214/ Frame 6F75 81 KB
82 KB 1423ms
1423ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/120214/228b454045e09c310f5527498a6a5ce1.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Mon, 08 Nov 2021 14:27:00 GMT
server: nginx
etag: "71bf4a961435d1e5ba11acad363e4916"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 83351
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/10772/ Frame 6F75 14 KB
14 KB 1638ms
1637ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/10772/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:02:21 GMT
server: nginx
etag: "26ad09546b4e87969d932db4f3ddc063"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13879
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
images.1plus1.video/playlist-1/7441/ Frame 6F75 43 KB
43 KB 1578ms
1577ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7441/59c27a9e093f1ea64707f67133bcd71f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 26 Aug 2020 15:55:10 GMT
server: nginx
etag: "2a81b5e2906718ff87f0cab7caa5818e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 44174
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 6377a284bdacb578df4878bc8331958f.220x330.jpg
images.1plus1.video/playlist-1/7444/ Frame 6F75 42 KB
43 KB 1278ms
1277ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7444/6377a284bdacb578df4878bc8331958f.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 26 Aug 2020 15:52:34 GMT
server: nginx
etag: "ffb806c41dc466bdf688de555519a6ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43433
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
images.1plus1.video/playlist-1/7442/ Frame 6F75 53 KB
53 KB 1278ms
1277ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7442/c86c98626e6650b7cc45b9399ba831a7.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 23 Oct 2019 08:24:22 GMT
server: nginx
etag: "05c80966c5cb92f8fc27ec548a7ea448"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 54238
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
images.1plus1.video/playlist-1/103957/ Frame 6F75 74 KB
74 KB 1203ms
1202ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/103957/55f1bedc694d3cc5486c48c37f4c37cc.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 03 Feb 2021 13:04:39 GMT
server: nginx
etag: "f6b24d693a392d33eccdd561badd41d4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 75576
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/9960/ Frame 6F75 14 KB
14 KB 1422ms
1421ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/9960/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:02:02 GMT
server: nginx
etag: "d341bae25e9d8c82ed89d493016581f7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14487
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 1757fcb6a34daa11f893254fee0138b4.220x330.jpg
images.1plus1.video/playlist-1/7446/ Frame 6F75 42 KB
43 KB 1708ms
1707ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/7446/1757fcb6a34daa11f893254fee0138b4.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Wed, 26 Aug 2020 15:50:23 GMT
server: nginx
etag: "f2333e2ee23e5c2e678d7020c404c167"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 43372
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/46079/ Frame 6F75 16 KB
17 KB 1690ms
1689ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/46079/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:19:12 GMT
server: nginx
etag: "49f87d8676cf58992125d43f8dfe90bd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 16618
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41551/ Frame 6F75 9 KB
9 KB 1637ms
1636ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41551/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:17:24 GMT
server: nginx
etag: "c6748e2cfd7e4055f74da8f1ff19ffa4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8833
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
images.1plus1.video/playlist-1/659/ Frame 6F75 37 KB
38 KB 1851ms
1850ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/659/12b3926bb861a8b9a74c7c08aa0b50c5.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 26 Jun 2020 10:56:32 GMT
server: nginx
etag: "e245ad3d562db3f3947df4042e215baa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 38340
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/44376/ Frame 6F75 14 KB
14 KB 1846ms
1845ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/44376/220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:18:50 GMT
server: nginx
etag: "396db528b829a5251e8fc08d8ff63368"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 14386
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/41106/ Frame 6F75 13 KB
14 KB 1761ms
1761ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/41106/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 07:17:14 GMT
server: nginx
etag: "0320d58c71f341a6792beac800431198"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13823
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/48/ Frame 6F75 12 KB
12 KB 1862ms
1862ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/48/200x335.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 27 Oct 2017 06:54:58 GMT
server: nginx
etag: "2fc219c3f164ac38c04373b9337a23ee"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11853
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
images.1plus1.video/playlist-1/126226/ Frame 6F75 47 KB
47 KB 1778ms
1778ms Image
image/jpeg 195.137.240.20
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/126226/56bed3dbc2477b78fa6cf738a9952f4e.220x330.jpg
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.20 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Tue, 09 Mar 2021 11:43:06 GMT
server: nginx
etag: "63d497ab8c8f34bcf71c318a6f3101bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 48068
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sun, 24 Apr 2022 09:21:20 GMT
expires: Sun, 01 May 2022 09:21:20 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 6F75 281 B
353 B 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 93d9d927f3bc739d7673652c574bf52e2f57f832c0cec2f10d20e1d737e1b97c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Tue, 24 May 2022 09:21:20 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 95DB 5 KB
3 KB 59ms
58ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 0d52ea2ba28cd3875257f7ef6e1b07c5be8205f0f62ca027dd5a7d6ea468b751

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
etag: PRIVATE7520710249
expires: Tue, 24 May 2022 09:21:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A2B0 17 KB
6 KB 2643ms
2554ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:21:23 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&RedC=c.clarity.ms&MXFR=2745B93786E1681A18A8A8A782E1663E
https://c.clarity.ms/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&MUID=30D1410E915462BE0D43509E90EF633C

42 B
391 B

41ms
41ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&MUID=30D1410E915462BE0D43509E90EF633C
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:20 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 975B2F530C334E018C04D363D0831FD5 Ref B: LON04EDGE0814 Ref C: 2022-04-24T09:21:20Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=50F32DAAE38745369AEA0606F542A28C&MUID=30D1410E915462BE0D43509E90EF633C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 136ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f180d52d5b722250d977629249155fca68b8d939bb323e0982c15631d797776e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10443
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FE8D 13 KB
5 KB 181ms
61ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=2plus2.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5134
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
server-processing-duration-in-ticks: 2394
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 container.html Show response
fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 376C 6 KB
3 KB 123ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
expires: Mon, 24 Apr 2023 09:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1650792080626/ Frame 6F75 2 B
201 B 58ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1650792080626/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1650792080854%7C_SP%3D12XPPTDu%7C_SPD%3D2plus2.ua%7C_SPV%3D100%7C_SPR%3D655x370%7C_SC%3D12XPPTDu%7CcurrentDomain%3D2plus2.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D4844%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D655x370%7C_SCT%3DChomu%20ne%20varto%20vikladati%20fotografiyi%20ukrayinskoyi%20tehniki%20ta%20vijskovih%20v%20internet%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DNWS_2P2%7C_SCD%3D210%7C_SCTE%3DVideo%7C_SCPD%3D20220223%7C_SCTY%3D12%2F00%7CcontentType%3Dnegative%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2F12XPPTDu%3Fautoplay%3D0%26l%3Dua%26logo%3Dplus2&ref=https%3A%2F%2F2plus2.ua%2F&screen=1600x1200r1000&col=24&window=655x370&ltime=77&lsdata=Bal75g44QhLTRpBFgZLR_zKWDBVcGDWyZ5zwUYQzfM7.J7A_YJFJuZg9hBObYyBbXvEEJENH9_3K7fPjD0jNPi1GRdnW/KZsFzNXSL3hW9/&fpdata=-TURNEDOFF&vis=1
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:20 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Sat, 23 Apr 2022 09:21:20 GMT

GET
H3 200 bridge3.512.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame CEC7 631 KB
205 KB 127ms
43ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 307330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209646
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 19:59:10 GMT
expires: Thu, 20 Apr 2023 19:59:10 GMT
last-modified: Wed, 20 Apr 2022 19:54:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6F75 44 KB
17 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Apr 2022 09:21:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6F75 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2366ms
2366ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:21:23 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9494 37 KB
13 KB 124ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:36:10 GMT

GET
H2 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 376C 84 KB
30 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 18:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 24 Apr 2022 18:01:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FE8D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=2plus2.ua&sn=ChromeSyncframe&so=0&topUrl=2plus2.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=eX1f1XxBSnVMNGduWUNNSHdaVm92RGNPMUdUN2J5dldKcFBmZHJ4NW00b2ViemZraUE4cndkVmJ6WXQrejZjTThmbmFUUS9TT0dTQVd6d1JtdXoxMXpFUnd2NDZTeXY1eFQ5REJ5SFFkcWtRZmpYRUlLenhjZW9mcS8zN1...

415 B
623 B

225ms
39ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eX1f1XxBSnVMNGduWUNNSHdaVm92RGNPMUdUN2J5dldKcFBmZHJ4NW00b2ViemZraUE4cndkVmJ6WXQrejZjTThmbmFUUS9TT0dTQVd6d1JtdXoxMXpFUnd2NDZTeXY1eFQ5REJ5SFFkcWtRZmpYRUlLenhjZW9mcS8zN1dtMy92QUM0OWRmb2VKUTdFcFlhUkoyM2E5UlcwOXNkQUtoWVg2UE9Tbkw5MXFkNVdsdXN2VVRJcFdoWWxMdzZpTVNqV2FpdVphc092U0p3MXBDUzdPUzloRHFKV0c2aDQvREZxa0tvTjFvQ2hyNThyTFl0d3h6bENvQjdFdjI1UEppV0dTZ2pTTkZWd0duaXRvMFl5ZmszaEZPUGF5Zz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6292c1309f3d1ec36d29eadbab333681e7b40b31e1ca87fe0b121ada81fdc3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4668
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=eX1f1XxBSnVMNGduWUNNSHdaVm92RGNPMUdUN2J5dldKcFBmZHJ4NW00b2ViemZraUE4cndkVmJ6WXQrejZjTThmbmFUUS9TT0dTQVd6d1JtdXoxMXpFUnd2NDZTeXY1eFQ5REJ5SFFkcWtRZmpYRUlLenhjZW9mcS8zN1dtMy92QUM0OWRmb2VKUTdFcFlhUkoyM2E5UlcwOXNkQUtoWVg2UE9Tbkw5MXFkNVdsdXN2VVRJcFdoWWxMdzZpTVNqV2FpdVphc092U0p3MXBDUzdPUzloRHFKV0c2aDQvREZxa0tvTjFvQ2hyNThyTFl0d3h6bENvQjdFdjI1UEppV0dTZ2pTTkZWd0duaXRvMFl5ZmszaEZPUGF5Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1919
content-length: 541
expires: 0

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
197 B 58ms
57ms XHR
text/plain 185.239.173.66
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458553/hbw_master_298309_11708.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.173.66 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Sun, 24 Apr 2022 09:21:20 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H2 200 3402864653013247709_17655856817315917845.jpeg
static.doubleclick.net/dynamic/5/368727536/ Frame 376C 62 KB
62 KB 136ms
43ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/368727536/3402864653013247709_17655856817315917845.jpeg

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c62b53c850ed7a4b49afd96c9a30288917d295c8a64ab6beea8da69291b8cd49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 22:04:14 GMT
x-content-type-options: nosniff
age: 559026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63224
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 18:04:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 22:04:14 GMT

GET
H2 200 2388134090628874685_14709488864631812190.jpeg
static.doubleclick.net/dynamic/5/368727536/ Frame 376C 57 KB
57 KB 239ms
146ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/368727536/2388134090628874685_14709488864631812190.jpeg

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d416b44096111e19fb6150f8304cd39b580f6fa9b1c49a4f6937de4d924b570a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 05:34:33 GMT
x-content-type-options: nosniff
age: 13607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58667
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 18:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 05:34:33 GMT

GET
H2 200 15321003226878738309_16148699831622989002.jpeg
static.doubleclick.net/dynamic/5/368727536/ Frame 376C 53 KB
53 KB 180ms
88ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/368727536/15321003226878738309_16148699831622989002.jpeg

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e99085c8cdfa85075b2de5790539cc5ab06de9d5d401232b6bc2440362f3037b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 05:08:20 GMT
x-content-type-options: nosniff
age: 533580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53858
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 18:10:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 05:08:20 GMT

GET
H3 200 17358737545053659026
tpc.googlesyndication.com/simgad/ Frame 376C 4 KB
4 KB 131ms
46ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17358737545053659026

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464db0771f1ab3055cab31a882499224a1aff66a2e59a89ab4fdda18f5f5ab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 11:25:11 GMT
x-content-type-options: nosniff
age: 510969
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4257
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 09:11:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Apr 2023 11:25:11 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 376C 0
0 82ms
81ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXfxQkBZlYrjmDtXX7_UPkZCvoA61qNfEaYXVuqSWDqu66uGODhABIP3_hSNgu4aAgNAKoAHtvKPPAcgBCakC6vCDEzIfsj7gAgCoAwHIA8sEqgSLAk_QS03FOlU-7mGHbVZ5rgGptIL1EfSmXxlKAIfEcrwLTqU564gGsBwQ-NKSQQjajjCAFDiUSlqVTCRQuaSsiK7E2atqrehJ91SKQePf08X3l69XAcfGQou8GnOrRegfzw24Jlk70vS1WLRpuJXGBPjrSSXz_RShxH5EVncC5MeRfmd-_cM2Wk_1HhaAK1KRc-dpsnAUC6yOCQZ4SY_aLSL0CgdaFmL611VUwpcrlzQ8E_6W8tfffsdJhhAb_YST4g7uLiJVZR-euZcGJf_t1cCSHcSUvF-EpyRJR9zOAPJISO7Xd_VBAYUi8QXEUUaXxYajO6_vDPGqsOvzhU759FgXAnOzc_jap99iBsAE-LKfoN0D4AQBkgUECAQYAZIFBAgFGASgBi6AB_vC3LACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJ2ADdIICQiA4YAQEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=E2_KqDiQSzM&uach_m=[UACH]&template_id=494
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 376C 19 KB
8 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:12:43 GMT

GET
H3 200 container.html Show response
8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EC4 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
expires: Mon, 24 Apr 2023 09:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame A4D1 222 KB
61 KB 154ms
49ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 168603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A4D1 16 KB
6 KB 149ms
44ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 168603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A4D1 96 KB
29 KB 225ms
120ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 168603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A4D1 5 KB
3 KB 146ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 168603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame A4D1 42 KB
13 KB 241ms
136ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 168603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
DATA 200
OK truncated
/ Frame A4D1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b091c5af06d5b4f964b9051ca828039ce57fe76901e18dda9a85a0b9fff3511e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DEFE 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042001.js?cb=31067243

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:20 GMT
expires: Mon, 24 Apr 2023 09:21:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2378730259558725807
tpc.googlesyndication.com/simgad/ Frame A4D1 25 KB
25 KB 42ms
41ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2378730259558725807?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnoTRARifRdfFyj_N9rCAAwTIpaXw

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17009d2a581f38e48caaa8e0bf2f247150076d1e96fd708a353f787cbb0f49bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 20:04:45 GMT
x-content-type-options: nosniff
age: 393395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 07:29:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Apr 2023 20:04:45 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4D1 3 KB
3 KB 60ms
59ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 6691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Mon, 25 Apr 2022 07:29:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A4D1 344 B
368 B 41ms
40ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 58935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 24 Apr 2022 16:59:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A4D1 0
0 86ms
85ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0pHhjxZlYprrOeue7_UPp8m8gASZ0r_aaY-Y3t39D9vZHhABIP3_hSNgu4aAgNAKoAHUl_rzAsgBAuACAKgDAcgDCKoEhwJP0EhjPtguufOjgp82AB9s3nyc1ycj2gAL5U6qYejAJfLNveTUrxZzpt1pPDxKFMbcsjOnor0L0OIXIVhiNHhSGZPSMRurmenoa4QX7kpfP2IiCvd_wdy8qoQ4zjb1Y7-ZpvN31RD0zDVFfxTT7v-2f4MITfybRL5gwqv6o_Y8-8BPeMMX8yjlfCuriU0gt1iM_Apwh0InYs4B7lrpz32R4_yc6emKQDdybn0JoFFVhpYBB0acE-Fb6PA9ok0xJHwrqNQhZyuqbOlEJVpKHI06yszaB9pa5MntofuB9KiQs5zJMiI97GrZgSnhIYHCP8sIp4abKlRdeHRoyVOxVvpcz8ipGrBjqMAEuvzVk_4D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB5TohYwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQs-ct0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTkxMzgyNDc2NTM3NTQ1MzMY1dsW&sigh=B07C9d0yexs&uach_m=[UACH]
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D40E 624 B
529 B 143ms
53ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARigqPHGATAB&v=APEucNXZz9CfUqCz2GNqr69_uzc0JsLnZ6jnkKy_z3QI5kCA0I7IaSsrsJL17UE4Lw44EKC5qB7eGWF5PuhVYyXwKKDnAHfonfD-VMWvY3X_7bRkE20oN08URPEFIKg5HVFJ0hY7e0vEbHFBRYqEyfiQ07PNtmTwfr1kpZq1QzeQDBLW46p7O80

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0EC4 27 KB
16 KB 163ms
72ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjQrHVByd1AfikYnHdUx3Xl4HU872nleCFKDDmNdCcXgmtowPI6HrNxsCTevdub3Wn896Rt_OUxk-H9cuUyno3ce5C28me1nk3P_C6Iq7qXb_Bu6Ogj2k9wwbwNr8GcVmks7odhk7BNUG5cqRHIbUPk3Kdag&dbm_d=AKAmf-BRlQ0XwiFFV9trlkGm1uKxdx0o-i96unt1-Ft_ASNoKCRDwJ-QiytrYppVmjm2kDB8qo5-NE04R446BZNi3t4rF0xMEAVB4vA4ROP_xsOWp10j4HYb7b8rGZNnCmZLMWvgfTECFRN77XevLQcqEjirkI7ZUf10_VmzlnryV_owxdClLlf5rm6oqQ5VjF45gJmtxJfQxMcm1tltGHctUqsIys3SWpEZ9B2V-foUK2xNQo_kS56jIwteVuI691I-91qF9jkxlbdUuHoYB2VjcvDF2I-0o9fd2ir6LaWuKQHuMVyKa5A4xhM4OF1w5uRm43zgCKTpUzSbAwBUZZMXaY9En6EsyB4_6DxVZZGi9_xu102na7NZ-lK2TzDYIlbptkDCGoxuW0ZkXJ2WdVnYclugbiKQexlOs8riCIFQ_eM2DO7MYY5zCOmApHeI4INhpdrbavO4Qd7b2CSNdMsShtid5pjKo7Z4G61vh-STpUz0xJWBss1om4BRKjgYgh8AsgL2926_nffm1_HE-GAZPfA8GRIGhcRpd3d9mxgTHsqWbvXy9XIcegWRbuXLDI3OS6hOt1OELPT2WXCaj-ARelocpUCaiU9z87PoxKK7ojkammeK3TyMzz12Rk4-4_nKKVE4-490OpBGvhJbOsKXyZhP9rqkEgnNtuL4Ukfu60gpAHbJAJQS4aJztYX2oCLxJuXppGZ9Az0UmHzSFXLXYMrGRkV0rwNflB7jg5O5NQaXJ1A1u7DGVDB1hHmgJRthxWRSy2W3-TIhJ1jE-p9lWSPO38D_nubIlXcQvETNJTj-ZDv_hgoQjqwLHIVTJ4uXntXccjV1c3mtciqhHVDhRbk80PJCaIOCfE8qHik1W0c4CJ2WdJNC7U2KqILTkidXsdxMTCeFuTDjF3EqNDCeFwGRR1LTWLmQcbb2xiUAKL4kwffAQjKO3ob9D2fIern0RWNQ1HjaojozcLW7FuuGpb-UK41TAhI72JMWeq5PIXH8xLIp7wBANOQoaF1Q4kCeE4kn2ohQpNmJga3Y5imZyS-yfOTMl-1PjkeketwLJ9JTWODl-QtEjvRwdWGYY4O1WaZtfHian9V9-1UCpKzmHnNf_ggdetpp7PpFGctBvpvv9IZQUOnkafzWPA105t0O01o9WrMrBnPsUlUL9_SGZ5oZNeMZKwKm_41silU9QjFThNvliJBwDteph-n583ruvfp8N2BZlXQA_l9EtVtsQWhkrbesPZJrCmph4tV-HnddcSflhNjJLobsPHqKRFwvh6wY9shpFNPWIvQFjFjEj71JCHXR9NjUpejt7bPMNh4APJK7TaKKUn8wa7GdswerffcyTTx8ZWiFbgHxSc-FzICFXZHorWu5eOi0XZkIZBCuyTitXRjYb5b8U9n7PpFUZpi61o4V1_EC-AJ4bkoyAS7nal2R9a8WKv9wmrlNlc3DDOQCgn1LhpGg2pkUti0mhZAy3y5-HtzxXyRNxxSxiEXTUq1qXvRF6Fh5Cp2X26mSA76ZOClPi3gdQ89i0CiEoAx-UI4ddIMWK6ssoLQLFn6jZo1YGgGYmY6GsnU_3A1_MRu5n4ak--4rNjX39FIww-4FxXXUinWl4H7ZcvLGO1D0_6DU8RVxQ4zmgH97YD_ZnErG1962WPshhvoyg0ikvDQ4xGX6_XP1B94-Ke0AxzZ674rfQlFa52Alxm_sPVqalBV0xbJfbh3RfJ70_cjeTuP6SCoykqT1P5x4ihjQEppbQJSc3M9DWDN6KwNR1dTqoR2Qf3ArQ5R5x5YvRQ172hzbKd8Il5DajyUqaKtyqNYzcpo44GApyBuQfWzUPaKyP0ekQ-1ffIxyQGE3UFiymanhXBrgiWw6LCYI82Qt_U93ypz7FcfciZjqV9PYsT53hpzIp25aWEOx2EdHJjovrjLl4iKnrZ5ZB0iauWSWccjddIjor-bbylWJRef06XTUIQPSnRJti7-j6Q3Ag_jxGjZ7bHr42j0Lp7ecMSqTy1CSTaFuTW4h3rfoL6n-mgQwxPNVVCURwr5a3rwy7JLMpbAFkJv6P_-XeWUWGXpNil2_6Pn9VWBVpAybvSXxbzCx_liq3aKe2vk5lO5m3TkuhkdZSPrQEKyf39FM2axfLxbwiFkL4aWkJ6qBSfh84TfKF5x788oHZ7L7eBk8W8hpRgGaehSaENyEiRsmW_n5WdR3TbsPCcdUeXS2IDiLwEjMwJb8L8WvFLII9fUFCslhLTzMwGc2we33o-lxoYN0tZZJH8H6p1AMlIqaqPN7x6kr269P5AeE3RjknwLgIbBNSwFLMZXWuVIaKKEqJy6Dwb-_MTLU2-m14Bi5hME00rEZnN_MuP-A7brJuWJKANCMSHM-roTFNq6i0aDRhzqlwlHKzIM4jPDgxghL2vp83a8nMlGfJ6lu9vegq73KH9fz3f7BAJRjqTQERHkY3QyIxP2gO52PpWGNBIv0KQE2jFCYsIQmVHLIzbs2kqlLZc4yiPNNkysHGYvMccVvr3Xw6xc4GyOcAaV11t9hBlY-CkZq0VCpp-GZXxRDY9Zv-ih9hZRoQto-EfVmfrbzPk7q93x_jbGC6IlqxTp3TrJNPGduFfBRpqZgMX5W9izg7LZXUJY5ea6G9EaSMDACBnHzGYbqKoCmE35hwhBY-V0bQ16_Kh84a0E7cTuZXuLquKzmzDNGKmt7QwgOaoG6UU5FiCxvvx5DbyKNUGUFh_yTlzLD9g22RwwHgebWbYmL7UOsdMtaRswcipR_TQazvouFz7TjUPRaiMZZfj29N-NFP8GfYhMoe6jaUHvxyunRkl9sOP_lcqr2BVxztPbbgnvMebWp4Un4QEJJNl6A4o-uIoeL8FdkBV3nzLkVcUYxdUv6_W_bH8k0ADCYnvFzxQugaZvJuv-qI8374u7v-sXCUZYGixzjiXqVTuQAhLyLA3Az780HOyi-MMbd18ObqNeMWxGZFBcIhLshGuM_CdwvPf9riuGFoYzwgaPdOGBlZ247ioWsvRGkzNSmPr0M6c-3p25WNnje77-7VmE5-9Idz4y47ue-LTBNRDnjQC3vRJP1cvZl1DbBZKpIQkN22O2hQ51dCnQh00KacNJ0zjedVuS5KgscWRY9BiQBQ8WVmcncIM_64TOpCHCAQ3I8tsaQTOwxckIXg4fmEL8Fou44HbmjOcJvcCA2dwYLxjVAl3M3ohE0jOI3oJD8SEeTiV55LoCcENsVUQoIzXowwUgUle28X4F_-lrRN8E6STTH_37ewStC66pkUoVwbSQSSCGI4SHMHWUABZo8NilDvdUnkE5jEkG9vftmP6xr8qktG3tU24ePWOibEAZq2B3Gj_8sTOfJFHsxMy0Ozmh51jGv9JQIYOgK-md1r62uSr9dQm04GMBGIWKbkc2M37PvOhRn6aIJcInYPqSg_dCYl8D090pI_PFy7NaIc-TBLnUZ44yVdPsJlCHuPrE7oHJIqfKoY3kaeO8JPFncGvNzLhoDrw3TRMyTXr0&cid=CAQSLQCNIrLMRL8z8qZPDB5dk2uuSLR75m0EbxPZSE5IhDm851JfxZl3wrXNHLLi5Q&rfl=1%2Chttps%253A%252F%252F2plus2.ua%252F%240

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e5bd2a2e1f478dd665bfe6044c620d18726b81823ceb958ee6bf61a3e204e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16475
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EC4 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dvqh4LhpwdP97Rq6YFTZgH2TnANf2wpZQlxIAqbbiXP2U0rfRjxh5nVVBsPMbdSwl0Z5eVgiLGszRpZwv4-gkQ2WaxTAWwE_3YpVPAZI7k8-0S4sk

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 0EC4 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:19:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EC4 119 KB
36 KB 138ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:21:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 0EC4 15 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:15:44 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA83 143 B
426 B 115ms
42ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 09:09:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 376C 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:19:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 376C 119 KB
36 KB 154ms
86ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:21:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DEFE 8 KB
892 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 07:58:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 09:21:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 09:21:21 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame DEFE 2 KB
904 B 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:12:24 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DEFE 0
0 85ms
85ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbAdRjxZlYpvrOeue7_UPp8m8gAS6k9zzYLCXwdz_D8CNtwEQASD9_4UjYLuGgIDQCqABlYeM1gHIAQmpAgndJQolirU-4AIAqAMByAPLBKoElQJP0JiuoynUjGAfPBK5SkM2jb-t_xpaOvxx2RZxpcJIxl-KWSoAGJ2wyBSVBoPVAlU7xTWTUYMnNocbeo5jIGGiV8lDjQjJGfR-gfwzkGLNa2PYTRQON5J2287yX63bNX4jFH35HebhEU8M6iWLv08R_AfkFb0Ny9ELPDjWLPVNjl2IW-fStYH-ZvtthJxz59VyaITDjNN5rGJB7ZvNBa_voY8EGR5x2x-3PSBh35k1W7lPEbOoCmopw65Z7p2wlnfOHmMtU-fMuUnG18yi7SEDMm6nILJyzgBmDo09J8L0pAAoe4CJUzi1Gnu7QEi8QNyZkHTfhLYBqN9uY5IsBocP3z1bPMwEIJ-stUCJK7XSoVEymnQjwASNk62RqgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH0_jzqQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRC2u4wB0ggJCIDhgBAQARgdgAoDyAsBuBOIBNgTCtAVAYAXAbIXHgocCAASFHB1Yi05MTM4MjQ3NjUzNzU0NTMzGNXbFg&sigh=NbtShaOzJPQ&uach_m=[UACH]&template_id=520
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame DEFE 19 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:12:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame DEFE 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:19:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEFE 119 KB
36 KB 124ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 09:21:21 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame DEFE 15 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:15:44 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame DEFE 30 KB
12 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:06:22 GMT

GET
DATA 200
OK truncated
/ Frame DEFE 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame CEC7 753 B
1 KB 103ms
102ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=2plus2.ua&r=YUhSMGNITTZMeTh5Y0d4MWN6SXVkV0V2&w=655&h=370&c=12XPPTDu&d=web&p1v=0&pid=4844
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a5422702826b8124b5783d90b9d768b669b41e10247ee353ecc7bf7854436ded

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A4D1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

172ms
86ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 2plus2.ua
URL: https://2plus2.ua/
Protocol: H3
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sun, 24 Apr 2022 09:21:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D40E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1&C=1

43 B
1012 B

118ms
117ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARigqPHGATAB&v=APEucNXZz9CfUqCz2GNqr69_uzc0JsLnZ6jnkKy_z3QI5kCA0I7IaSsrsJL17UE4Lw44EKC5qB7eGWF5PuhVYyXwKKDnAHfonfD-VMWvY3X_7bRkE20oN08URPEFIKg5HVFJ0hY7e0vEbHFBRYqEyfiQ07PNtmTwfr1kpZq1QzeQDBLW46p7O80
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Apr 2022 09:21:21 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 24 Apr 2022 09:21:21 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D40E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmUWkcX7AqFVasCARQeSfwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1

43 B
892 B

105ms
105ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARigqPHGATAB&v=APEucNXZz9CfUqCz2GNqr69_uzc0JsLnZ6jnkKy_z3QI5kCA0I7IaSsrsJL17UE4Lw44EKC5qB7eGWF5PuhVYyXwKKDnAHfonfD-VMWvY3X_7bRkE20oN08URPEFIKg5HVFJ0hY7e0vEbHFBRYqEyfiQ07PNtmTwfr1kpZq1QzeQDBLW46p7O80
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Apr 2022 09:21:21 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF59hoMm9jy5Q0dTIvHdiH4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D40E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMLt8BeC8gcBK5KsOC5brk&google_cver=1

43 B
1020 B

52ms
52ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKMLt8BeC8gcBK5KsOC5brk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ07blARigqPHGATAB&v=APEucNXZz9CfUqCz2GNqr69_uzc0JsLnZ6jnkKy_z3QI5kCA0I7IaSsrsJL17UE4Lw44EKC5qB7eGWF5PuhVYyXwKKDnAHfonfD-VMWvY3X_7bRkE20oN08URPEFIKg5HVFJ0hY7e0vEbHFBRYqEyfiQ07PNtmTwfr1kpZq1QzeQDBLW46p7O80

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a2e9c86b-2cf3-4030-99cc-c66a86f48ad7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKMLt8BeC8gcBK5KsOC5brk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D40E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NzI3NDc5NzcyMjc5MTc0Mw%3D%3D

170 B
188 B

135ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NzI3NDc5NzcyMjc5MTc0Mw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5d103a5c-4b90-4574-92f6-61f5e0f342b5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU4NzI3NDc5NzcyMjc5MTc0Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 0EC4 25 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjQrHVByd1AfikYnHdUx3Xl4HU872nleCFKDDmNdCcXgmtowPI6HrNxsCTevdub3Wn896Rt_OUxk-H9cuUyno3ce5C28me1nk3P_C6Iq7qXb_Bu6Ogj2k9wwbwNr8GcVmks7odhk7BNUG5cqRHIbUPk3Kdag&dbm_d=AKAmf-BRlQ0XwiFFV9trlkGm1uKxdx0o-i96unt1-Ft_ASNoKCRDwJ-QiytrYppVmjm2kDB8qo5-NE04R446BZNi3t4rF0xMEAVB4vA4ROP_xsOWp10j4HYb7b8rGZNnCmZLMWvgfTECFRN77XevLQcqEjirkI7ZUf10_VmzlnryV_owxdClLlf5rm6oqQ5VjF45gJmtxJfQxMcm1tltGHctUqsIys3SWpEZ9B2V-foUK2xNQo_kS56jIwteVuI691I-91qF9jkxlbdUuHoYB2VjcvDF2I-0o9fd2ir6LaWuKQHuMVyKa5A4xhM4OF1w5uRm43zgCKTpUzSbAwBUZZMXaY9En6EsyB4_6DxVZZGi9_xu102na7NZ-lK2TzDYIlbptkDCGoxuW0ZkXJ2WdVnYclugbiKQexlOs8riCIFQ_eM2DO7MYY5zCOmApHeI4INhpdrbavO4Qd7b2CSNdMsShtid5pjKo7Z4G61vh-STpUz0xJWBss1om4BRKjgYgh8AsgL2926_nffm1_HE-GAZPfA8GRIGhcRpd3d9mxgTHsqWbvXy9XIcegWRbuXLDI3OS6hOt1OELPT2WXCaj-ARelocpUCaiU9z87PoxKK7ojkammeK3TyMzz12Rk4-4_nKKVE4-490OpBGvhJbOsKXyZhP9rqkEgnNtuL4Ukfu60gpAHbJAJQS4aJztYX2oCLxJuXppGZ9Az0UmHzSFXLXYMrGRkV0rwNflB7jg5O5NQaXJ1A1u7DGVDB1hHmgJRthxWRSy2W3-TIhJ1jE-p9lWSPO38D_nubIlXcQvETNJTj-ZDv_hgoQjqwLHIVTJ4uXntXccjV1c3mtciqhHVDhRbk80PJCaIOCfE8qHik1W0c4CJ2WdJNC7U2KqILTkidXsdxMTCeFuTDjF3EqNDCeFwGRR1LTWLmQcbb2xiUAKL4kwffAQjKO3ob9D2fIern0RWNQ1HjaojozcLW7FuuGpb-UK41TAhI72JMWeq5PIXH8xLIp7wBANOQoaF1Q4kCeE4kn2ohQpNmJga3Y5imZyS-yfOTMl-1PjkeketwLJ9JTWODl-QtEjvRwdWGYY4O1WaZtfHian9V9-1UCpKzmHnNf_ggdetpp7PpFGctBvpvv9IZQUOnkafzWPA105t0O01o9WrMrBnPsUlUL9_SGZ5oZNeMZKwKm_41silU9QjFThNvliJBwDteph-n583ruvfp8N2BZlXQA_l9EtVtsQWhkrbesPZJrCmph4tV-HnddcSflhNjJLobsPHqKRFwvh6wY9shpFNPWIvQFjFjEj71JCHXR9NjUpejt7bPMNh4APJK7TaKKUn8wa7GdswerffcyTTx8ZWiFbgHxSc-FzICFXZHorWu5eOi0XZkIZBCuyTitXRjYb5b8U9n7PpFUZpi61o4V1_EC-AJ4bkoyAS7nal2R9a8WKv9wmrlNlc3DDOQCgn1LhpGg2pkUti0mhZAy3y5-HtzxXyRNxxSxiEXTUq1qXvRF6Fh5Cp2X26mSA76ZOClPi3gdQ89i0CiEoAx-UI4ddIMWK6ssoLQLFn6jZo1YGgGYmY6GsnU_3A1_MRu5n4ak--4rNjX39FIww-4FxXXUinWl4H7ZcvLGO1D0_6DU8RVxQ4zmgH97YD_ZnErG1962WPshhvoyg0ikvDQ4xGX6_XP1B94-Ke0AxzZ674rfQlFa52Alxm_sPVqalBV0xbJfbh3RfJ70_cjeTuP6SCoykqT1P5x4ihjQEppbQJSc3M9DWDN6KwNR1dTqoR2Qf3ArQ5R5x5YvRQ172hzbKd8Il5DajyUqaKtyqNYzcpo44GApyBuQfWzUPaKyP0ekQ-1ffIxyQGE3UFiymanhXBrgiWw6LCYI82Qt_U93ypz7FcfciZjqV9PYsT53hpzIp25aWEOx2EdHJjovrjLl4iKnrZ5ZB0iauWSWccjddIjor-bbylWJRef06XTUIQPSnRJti7-j6Q3Ag_jxGjZ7bHr42j0Lp7ecMSqTy1CSTaFuTW4h3rfoL6n-mgQwxPNVVCURwr5a3rwy7JLMpbAFkJv6P_-XeWUWGXpNil2_6Pn9VWBVpAybvSXxbzCx_liq3aKe2vk5lO5m3TkuhkdZSPrQEKyf39FM2axfLxbwiFkL4aWkJ6qBSfh84TfKF5x788oHZ7L7eBk8W8hpRgGaehSaENyEiRsmW_n5WdR3TbsPCcdUeXS2IDiLwEjMwJb8L8WvFLII9fUFCslhLTzMwGc2we33o-lxoYN0tZZJH8H6p1AMlIqaqPN7x6kr269P5AeE3RjknwLgIbBNSwFLMZXWuVIaKKEqJy6Dwb-_MTLU2-m14Bi5hME00rEZnN_MuP-A7brJuWJKANCMSHM-roTFNq6i0aDRhzqlwlHKzIM4jPDgxghL2vp83a8nMlGfJ6lu9vegq73KH9fz3f7BAJRjqTQERHkY3QyIxP2gO52PpWGNBIv0KQE2jFCYsIQmVHLIzbs2kqlLZc4yiPNNkysHGYvMccVvr3Xw6xc4GyOcAaV11t9hBlY-CkZq0VCpp-GZXxRDY9Zv-ih9hZRoQto-EfVmfrbzPk7q93x_jbGC6IlqxTp3TrJNPGduFfBRpqZgMX5W9izg7LZXUJY5ea6G9EaSMDACBnHzGYbqKoCmE35hwhBY-V0bQ16_Kh84a0E7cTuZXuLquKzmzDNGKmt7QwgOaoG6UU5FiCxvvx5DbyKNUGUFh_yTlzLD9g22RwwHgebWbYmL7UOsdMtaRswcipR_TQazvouFz7TjUPRaiMZZfj29N-NFP8GfYhMoe6jaUHvxyunRkl9sOP_lcqr2BVxztPbbgnvMebWp4Un4QEJJNl6A4o-uIoeL8FdkBV3nzLkVcUYxdUv6_W_bH8k0ADCYnvFzxQugaZvJuv-qI8374u7v-sXCUZYGixzjiXqVTuQAhLyLA3Az780HOyi-MMbd18ObqNeMWxGZFBcIhLshGuM_CdwvPf9riuGFoYzwgaPdOGBlZ247ioWsvRGkzNSmPr0M6c-3p25WNnje77-7VmE5-9Idz4y47ue-LTBNRDnjQC3vRJP1cvZl1DbBZKpIQkN22O2hQ51dCnQh00KacNJ0zjedVuS5KgscWRY9BiQBQ8WVmcncIM_64TOpCHCAQ3I8tsaQTOwxckIXg4fmEL8Fou44HbmjOcJvcCA2dwYLxjVAl3M3ohE0jOI3oJD8SEeTiV55LoCcENsVUQoIzXowwUgUle28X4F_-lrRN8E6STTH_37ewStC66pkUoVwbSQSSCGI4SHMHWUABZo8NilDvdUnkE5jEkG9vftmP6xr8qktG3tU24ePWOibEAZq2B3Gj_8sTOfJFHsxMy0Ozmh51jGv9JQIYOgK-md1r62uSr9dQm04GMBGIWKbkc2M37PvOhRn6aIJcInYPqSg_dCYl8D090pI_PFy7NaIc-TBLnUZ44yVdPsJlCHuPrE7oHJIqfKoY3kaeO8JPFncGvNzLhoDrw3TRMyTXr0&cid=CAQSLQCNIrLMRL8z8qZPDB5dk2uuSLR75m0EbxPZSE5IhDm851JfxZl3wrXNHLLi5Q&rfl=1%2Chttps%253A%252F%252F2plus2.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:18:04 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0EC4 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 08:56:20 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA83
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

171ms
125ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 09:21:21 GMT
expires: Sun, 24 Apr 2022 09:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 09:21:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 376C 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 09:15:44 GMT

GET
DATA 200
OK truncated
/ Frame DEFE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a481a4e3dd0dc343f9755f1b4c106cb60517eb3c7045f76661194b4c1ac089a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
fw.adsafeprotected.com/rjss/servedby.flashtalking.com/909788/61792348/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/ Frame 0EC4 232 KB
71 KB 140ms
44ms Script
application/javascript 52.213.110.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/servedby.flashtalking.com/909788/61792348/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345&adsafe_preview=${IS_PREVIEW}
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.110.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-110-128.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c7b5c0cedf74b0080aad07a3625c6a8bbeaeccb542c34945a471bad17be79943

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3747 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 347101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Apr 2022 08:56:20 GMT
expires: Thu, 20 Apr 2023 08:56:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame DEFE 28 KB
28 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 385754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:12:07 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame DEFE 14 KB
14 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:15:45 GMT
x-content-type-options: nosniff
age: 385536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13872
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:20:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:15:45 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 45E2 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: 2plus2.ua
URL: https://2plus2.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 09:15:47 GMT

GET
DATA 200
OK truncated
/ Frame 376C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e138514a035a3eede51af12aaa091a24057001e65336092ee6c42f491bde863e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3747 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DFB 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
URL: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 09:15:47 GMT

GET
H/1.1

200
OK

/ Show response
servedby.flashtalking.com/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/ Frame 0EC4
Redirect Chain

https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/909788/61792348/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_cu...
https://servedby.flashtalking.com/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&...

1 KB
2 KB

157ms
37ms

Script
text/javascript

209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app12.lhr11 /
Resource Hash: f4ee26c487a7725e60a0e76b47c368e1130e6b817be36cd0a63068b1c77d9eab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 09:21:21 GMT
Server: prod-xre-app12.lhr11
X-HW: 1650792081.dop045.lo4.t,1650792081.cds207.lo4.shn,1650792081.dop045.lo4.t,1650792081.cds249.lo4.sc,1650792081.cds249.lo4.p
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 1466
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://servedby.flashtalking.com/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame D9BE 80 KB
21 KB 246ms
80ms Script
application/javascript 2600:9000:224a:9c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:9c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 02:32:42 GMT
content-encoding: gzip
age: 1666120
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: fiNemdx_Ewcdn68IdDR8CEcd52oII9LMzisIyZfX2Ec7Z9Ovct4fLg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
215 B 570ms
178ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0Iu6,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:727,beZ:729,mfA:731,cmA:732,inA:733,inZ:737,prA:737,prZ:745,si:749,poA:750,poZ:774,cmZ:774,mfZ:774,loA:782,loZ:785,ltA:840,ltZ:840%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:113,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,bkn:%7Bpiv:%5B106~1%5D,as:%5B106~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:90,readyFired:false%7D&br=c
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3747 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWuPZkRZlYqWjDsaQ3gOznITYAgAAAAA4AeAEAg&bg=!MzClMHTNAAYXWUUuN1k7ACkAdvg8Wm_it33dbKkJni26ii69nlVAaHZISZfTcM6qOvViMeb44wvEmgIAAADkUgAAAANoAQcKACASA90wXlFF7gGvm6OK0mcOICHTkKCi75RhO0OV7Z4ykZkC4CrvQXeXDzNrlklUYHcBNKaCsX3CChVXqlc1QEai8epmIHdtrUoHn4penb2NIfiMDY3HTgW-20ALIqdHVXG6OVBLWAQrj4_8fV22_RNOaF1Uq7aKwk-n7A4n6NJyaw0ZPA7WumzF7NvyZ_vWSzW5L3g3ZvHni8ieCUKLMIyaYH2bweACJ0sEDN4fX1c7mjUTCmBOpmSRLOEAviTVyBnT2_065IpdvRuLWTdSt-OJ0IgkhMwDecXezeOvDg7Ywhga7lyZUbfX-RS37CA9GFkjWuxvxxnW0YPHEfBVlutYMkSN8awV9srbASah6kjGVTMDzAaSYg7TrDznSS4AlGKXZyzpbdZKWFANo3-VTWK-uDFzSjvpdX0Vax-ktDYSg0gF32UUtdTErjLl1I5DVRdHqsULFFthVYhe03bjK9FMrwCZO-A2J085xSsqHJg4hy_ZQvo6NLGr02LkC01oAl_aMESk35g0AimtiOnhI2SXrM0xsw6YkUNuT86qzhu-GMbmvXqIWg3AL-Foy7h_V_al6tMHu0Xbzxze--AOPakmZqWl75NuouimrNJqJv4_JzAfXKuet-cJVNHsN2mQZizzl9tGPFmGXZvXMIcH5sY-UQKSNflpRkR46pXBEqbT2SPKW5b8mny21S0i_vETuXzhTSYvprrIS3_sFFFOosrYaQZo2242VbkBUhPbO5sHF8WbFZLbu82NiPQO2SLehhxjq1L8_6hP8Io_mPjRAvQWnJJmkS3SrNDh_zcnqnFmixMFJF2RRG3WSsjsXJHEaHoAkxpwnUxBBUJLwl1XBzPIaD3sIsaOEf_9APbPTZx6LnNrWFFq5vOcQLJYy4ZDgS0qOamylsqLn3ucisME79wJhyP21Mtv0Sugv_PL7IsX8zkXXqAZ9jd_3-KzsaauC8jq8fP9KXIbEUxQA2JjBzOhl7hC_3L7-GaJ_PfOnQx5-iXMHrbkqNahQWyNNQfj4bQNEss

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j-6184580-3459935.js Show response
cdn.flashtalking.com/xre/618/6184580/3459935/js/ Frame 0EC4 81 KB
20 KB 145ms
33ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/618/6184580/3459935/js/j-6184580-3459935.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/909788/61792348/imp/1/171905;6184580;201;js;HPH;HPHScibidsPXYZProspectingDRCT300x250CPMPCCDoBHVDSPLYPROG1/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=2plus2.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2F2plus2.ua%2F&gdpr=&gdpr_consent=&gdpr_pd=&cachebuster=308918.02146184345&adsafe_preview=${IS_PREVIEW}&adsafe_url=https%3A%2F%2F2plus2.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7da2cd21-403e-af92-c7cf-b77418f260e4,c:aH0IsC,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6c8bfcf75-62sp2,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:3,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:e7afe4de-c3af-11ec-8af4-c64fa91da776,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 1187c5e668566271def1b0bcbc461bf267258f8152bab4ceb03ddb5a1d114ea2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: H69ESR05G9XDC2F1
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds088.lo4.c
Connection: Keep-Alive
Content-Length: 20041
x-amz-id-2: f78YgTtz8TC5Q35fAcKAx6+fYzYRbh7tXBDnMyzi3nzECNSHowqHlO146+928SbSAv8rFUI59/Q=
Last-Modified: Mon, 14 Mar 2022 11:26:45 GMT
ETag: W/"5eab7c7a29d32c6c9e2903b54d4cb564"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=926
Accept-Ranges: bytes

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/142364/3459935/ Frame 219E 3 KB
2 KB 34ms
34ms Document
text/html 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142364/3459935/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/618/6184580/3459935/js/j-6184580-3459935.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 56f6e8d69901893c8cb7045b9b2fc54918220a0f4bb9fe1ab3b55b8a83f0fb0a

Request headers

Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=771
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 823
Content-Type: text/html
Date: Sun, 24 Apr 2022 09:21:22 GMT
ETag: W/"ec553dee2099b8792fc0fe667a1b81f0"
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds288.lo4.c
x-amz-id-2: QbEDrDE3ygzjhpjf0xPJt7Lmtu661MmSW71KUDUE+gnCfXTNrJEC3rutk1ALlFQdqrVaziztqto=
x-amz-request-id: BV1KS27EC6ZTPZAT

GET
H3

200

B26976110.323839980;dc_pre=CLHBo92vrPcCFZeHdwodjPQIKg;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/ Frame 0EC4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_pre=CLHBo92vrPcCFZeHdwodjPQIKg;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid...

42 B
63 B

149ms
64ms

Image
image/gif

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_pre=CLHBo92vrPcCFZeHdwodjPQIKg;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&136493835

Requested by

Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N4022.2512303AFFIPERF_GBR_4022/B26976110.323839980;dc_pre=CLHBo92vrPcCFZeHdwodjPQIKg;dc_trk_aid=516312196;dc_trk_cid=163460792;ord=1650792081;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&136493835
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0EC4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82461ffe02bd7ae989addc91633e3856de009b1bd016048f27310b299bf018fa

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
216 B 191ms
178ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0IAd,pingTime:-3,time:492,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:21%7D,%7Bpiv:0,vs:o,r:r,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:492,n:487,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,bkn:%7Bpiv:%5B480~1%5D,as:%5B480~na.na%5D%7D%7D,%7Bsl:o,t:487,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK style.css
cdn.flashtalking.com/142364/3459935/ Frame 219E 3 KB
2 KB 30ms
29ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142364/3459935/style.css
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459935/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 62852aeecf3ada73c9677f1ac137b21b7f0c2c9cc42fbe03267b65ccf619cb0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: S5JMJ184X0CXVM0V
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds288.lo4.c
Connection: Keep-Alive
Content-Length: 833
x-amz-id-2: TMNRxtxxqAq7x7QmuXKbFRMnLCWv28qvCVF6c4uBfdprnZoM1tdA3TqsutKXzBZm+d5FU6MGOqU=
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
ETag: W/"7e269fc572a0da08a8a5faa403bde005"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=847
Accept-Ranges: bytes

GET
H/1.1 200
OK TweenMax.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/latest/ Frame 219E 114 KB
39 KB 60ms
30ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/latest/TweenMax.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459935/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: H8DWZSEP5FACPWTP
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds288.lo4.c
Connection: Keep-Alive
Content-Length: 39675
x-amz-id-2: 3MZlu53+OSwSudU0HLDsjpWdtW2XvVQC8appwk5jxWU3itkE9F4p1jtRVWCaHUk8BUIywFzySmQ=
Last-Modified: Thu, 24 Oct 2019 20:28:46 GMT
ETag: W/"1cdb51ec2f59b803cdcda4ded3c188f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=85696
Accept-Ranges: bytes

GET
H/1.1 200
OK html5API.js Show response
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 219E 95 KB
31 KB 85ms
29ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459935/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: 0EJC7662VFZ4VBFX
X-HW: 1650792082.dop205.lo4.shc,1650792082.dop205.lo4.t,1650792082.cds211.lo4.c
Connection: Keep-Alive
Content-Length: 31158
x-amz-id-2: a7BXo/lqmvO9vDnddZE3CB5bpRHOHb10avDEVdo1M9CrvCt/0KrTh2v1QtdSaKDFD7CgGdqIyOw=
Last-Modified: Thu, 13 May 2021 15:35:29 GMT
ETag: W/"db3a9e799b66fd834e149105a04e7840"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=66352
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
cdn.flashtalking.com/frameworks/js/jquery/ Frame 219E 85 KB
30 KB 88ms
30ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/jquery/jquery-3.3.1.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459935/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: 74D929454B013AFF
X-HW: 1650792082.dop206.lo4.shc,1650792082.dop206.lo4.t,1650792082.cds083.lo4.c
Connection: Keep-Alive
Content-Length: 30305
x-amz-id-2: Pp4GPMgCUOWwu0ynbks6w8o9PWw7BubzD0J7L2JPMqKFPMB/5oYp1ybY8r0c8jqnuI8kQ/o6X7Y=
Last-Modified: Wed, 24 Jan 2018 19:55:39 GMT
ETag: W/"a09e13ee94d51c524b7e2a728c7d4039"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=52926
Accept-Ranges: bytes

GET
H/1.1 200
OK main.js Show response
cdn.flashtalking.com/142364/3459935/ Frame 219E 6 KB
2 KB 88ms
30ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142364/3459935/main.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142364/3459935/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c169ba758ad19844dfca92b94cb4cab61992e9b4418dfc3ab516e2fe5c9cbad4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: 4PRPZ9CK7237H25S
X-HW: 1650792082.dop044.lo4.shc,1650792082.dop044.lo4.t,1650792082.cds247.lo4.c
Connection: Keep-Alive
Content-Length: 1510
x-amz-id-2: pRjkyMtjW3YMQSBb5dKl2F6zWGoXT6vO6TkcwGAmY2DmLVF3KonCBZ1QFTf0Bbym/AntwiF6DbQ=
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
ETag: W/"164514f4c3913c8e902cb66c23038e5b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=800
Accept-Ranges: bytes

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
215 B 178ms
178ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0IC0,pingTime:-10,time:603,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1650792082260%7C%7C12a865690f6fb3482b4632e629ddbf7a%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C966572888ee974d402da058cd3f3ac05%7C%7C53b526f437472fecc03a5cfbbec74f36%7C%7C71b37aa16b164662c5cec21944bf694c%7C%7Cebc97be73fe4a98f9036855371b8fc23%7C%7Ce2cbba8ab190224dee552f0462f0a87c%7C%7C1629390669%7D
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK manifest.js Show response
cdn.flashtalking.com/142364/3459935/ Frame 219E 1 KB
1 KB 33ms
33ms Script
application/x-javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142364/3459935/manifest.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 06fc34b63fe0f6767b473542cb33dab84ce40c020f13ea0275c5e9c17a468eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: 4PRVR05ZKGB833F7
X-HW: 1650792082.dop206.lo4.shc,1650792082.dop206.lo4.t,1650792082.cds043.lo4.c
Connection: Keep-Alive
Content-Length: 333
x-amz-id-2: LSQTiG/OcW2rBUozwG8V7m4A90mAq1gLAWQxkI+/ssbuYVkBkgdEpGAI9/iLwhHZYmyRy0Bxprk=
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
ETag: W/"c6d892669a17a9f18219b84b176d57b9"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=54
Accept-Ranges: bytes

GET
H/1.1 200
OK mv26817429.json Show response
cdn.flashtalking.com/142364/ Frame 219E 2 KB
1 KB 30ms
30ms XHR
application/json 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142364/mv26817429.json?cb=664994452
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7fe73c52d7875e308d647ecd2a33a3724be9e4939d498743babc9a2cdbbd5335

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: 6SJ71DWVKK1XBVG6
X-HW: 1650792082.dop206.lo4.shc,1650792082.dop206.lo4.t,1650792082.cds043.lo4.c
Connection: Keep-Alive
Content-Length: 333
x-amz-id-2: ZKhn6LwcqujMaDFehxODVapOlHV5SuZhj0Rhqm1dNi2rkX0//68JK/xUnEWcftnShQSUw/YBOZs=
Last-Modified: Thu, 24 Feb 2022 16:39:27 GMT
ETag: W/"43358b01759f503ada7545c6668a7333"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=304
Accept-Ranges: bytes

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F1_Img_300x250.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 30 KB
31 KB 30ms
29ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F1_Img_300x250.jpg
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: dd5fe16c4ed8b425108f0d516e939c08dbc3da1b6948df7c0d258da7d1dbf9d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
x-amz-request-id: 21AMT6GRAGQVZXZE
ETag: W/"f8040045ef69baa3acb54447c4592da5"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop206.lo4.shc,1650792082.dop206.lo4.t,1650792082.cds043.lo4.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1160
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 31111
x-amz-id-2: AiOgIEW4rvRMezWHaT3C4MZH5ITP2Q1b9TrvlOS8nuCmZBVj8M4e7H3Zt7Xri/afBk4Aw0rdTj4=

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F1_Txt_300x250.png
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 4 KB
5 KB 32ms
30ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F1_Txt_300x250.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 269a853888e0ce61aac4a002bc0cbc8b0e3eb039626d9f1b7604f8d955c1892d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
x-amz-request-id: F9PRW301FC6TB64H
ETag: W/"d7fd3bbb1ea8a7cdfe2828f7b7b97e0a"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop205.lo4.shc,1650792082.dop205.lo4.t,1650792082.cds204.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=369
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4218
x-amz-id-2: XTy7anwfmqS/x9bZB9sG3jOOHDVKjR86ybmNWQ9spfD8WptZqZwYqYSjJSfMgZvXHXH37i7hAs8=

GET
H/1.1 200
OK LineA_white.png
cdn.flashtalking.com/142364/3459935/images/ Frame 219E 903 B
958 B 34ms
31ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/3459935/images/LineA_white.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 16a2d8535199012d0ee978a3cf2d96567bff38ba5914df081651257c6def256c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: PSH2GBZ025ZAYXR5
X-HW: 1650792082.dop044.lo4.shc,1650792082.dop044.lo4.t,1650792082.cds247.lo4.c
Connection: Keep-Alive
Content-Length: 269
x-amz-id-2: FDUdCtVneJSKbqBUGeIPO4ffv0mEUZ+SrmeI/vgoRCmO2sWzgvenCMYuiKDGy56nGZGFcfh90AQ=
Last-Modified: Tue, 25 May 2021 08:43:22 GMT
ETag: W/"98e64d0ed9cba8b61c70a31740d31dd1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=717
Accept-Ranges: bytes

GET
H/1.1 200
OK LineB_white.png
cdn.flashtalking.com/142364/3459935/images/ Frame 219E 2 KB
2 KB 35ms
32ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/3459935/images/LineB_white.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: f515fa3b78a4dee7d5a9c9009d2f3be56d32d1287fee739d987162c8c025a6a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: XP6KS0XQNEFYPK4D
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds288.lo4.c
Connection: Keep-Alive
Content-Length: 1447
x-amz-id-2: 2TiLFK5tlWHQ5RlFhMIAN6slwA7L2t5goGLoEN4IOurKiLIuXvM4vd09YlrFf5xs83n38g8VID0=
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
ETag: W/"c9295a83b78a4c977fd46ed2c5a9823b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=369
Accept-Ranges: bytes

GET
H/1.1 200
OK kiaLogo_white.png
cdn.flashtalking.com/142364/3459935/images/ Frame 219E 1 KB
2 KB 35ms
32ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/3459935/images/kiaLogo_white.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2e341e5cdddebc5c6a4bfe3c5f6d9afc56f061668a058de2d29e4a08fd765b23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Tue, 25 May 2021 08:43:23 GMT
x-amz-request-id: AT7DSHKNR0C33JH2
ETag: W/"8a0c438563750f88a41dc63e0931ed2a"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop006.lo4.shc,1650792082.dop006.lo4.t,1650792082.cds087.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=313
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1509
x-amz-id-2: Et1Lj+c0CyhUpL9tqsBt5G5nhLFSPM3At9niuvdrmn9xc5EplrswSc0owkKraONqEk+6LbSL004=

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F2_Img_300x250.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 28 KB
28 KB 96ms
31ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F2_Img_300x250.jpg
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3ec66e146304975d80b82ba2c1398b599f92f8ce0eb82ba037767404ea376673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
x-amz-request-id: F9PRB8MMG1CPB92M
ETag: W/"63415feaaf8285e8f0093800b92d7f73"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop205.lo4.shc,1650792082.dop205.lo4.t,1650792082.cds062.lo4.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=799
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28250
x-amz-id-2: L5Vc5PLIei59iB7hq3YF8NT+MIxGAHpbdEJ6CGZi4PT6Q7ed0XTyurompHi+3lH+rg4dBi3b8gE=

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F2_Txt_300x250.png
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 7 KB
7 KB 61ms
31ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F2_Txt_300x250.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: bbac62bc6bedc78287284e92948ad46f708f45a745bd6da4bec7127eca24514b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
x-amz-request-id: 868E2R0A5BFW6TRN
ETag: W/"a5f6f765a077f7757187f00247724902"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop205.lo4.shc,1650792082.dop205.lo4.t,1650792082.cds325.lo4.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=501
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 6702
x-amz-id-2: juMqFCt4uU7crax8941t45UAmlpQN1c7y5Ao44Qcwr0eJheEk7EC0dwLvBJmYrIE/+f4F+Z8yy4=

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F3_Img_300x250.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 28 KB
28 KB 64ms
30ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F3_Img_300x250.jpg
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b8aa92c5736920d857a50bde9563221b0cb35ae7b2b109782c8f51e493a09aab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: ZB2JVV27JP3ECXWT
X-HW: 1650792082.dop044.lo4.shc,1650792082.dop044.lo4.t,1650792082.cds247.lo4.c
Connection: Keep-Alive
Content-Length: 28322
x-amz-id-2: bfqp2cdaYFjW2c+eWG8dCW97cSE/Vb98UUTAdocEilmaVCTe1cgdPEgYl0oOVlxOeeUsgG5V+Wg=
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
ETag: W/"959053d123c767c2d36123ba9b667575"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1078
Accept-Ranges: bytes

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F3_Txt_300x250.png
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 5 KB
5 KB 63ms
29ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F3_Txt_300x250.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c51a8bd285c64c6b38ef08a271bba5a8e3a4a55cf7bdd457da49b11536cca063

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: CHJ3RC6Z4RX2D5VA
X-HW: 1650792081.dop005.lo4.t,1650792082.cds077.lo4.shn,1650792082.dop005.lo4.t,1650792082.cds288.lo4.c
Connection: Keep-Alive
Content-Length: 4174
x-amz-id-2: +9wy3kBBkyrvLH7AcJjH8H4Exuqok5MWY7YHhgmJ2h8tgeibq8bDmd5VqCiRl5O6mfyTUISajbE=
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
ETag: W/"6be00f8e6dd2e45ed3f7a1b636b95411"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=28
Accept-Ranges: bytes

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F4_Img_300x250.jpg
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 30 KB
31 KB 66ms
32ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F4_Img_300x250.jpg
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: dd5fe16c4ed8b425108f0d516e939c08dbc3da1b6948df7c0d258da7d1dbf9d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
x-amz-request-id: 35XFGDMKBRTNWEYQ
ETag: W/"f8040045ef69baa3acb54447c4592da5"
Access-Control-Max-Age: 3000
X-HW: 1650792082.dop006.lo4.shc,1650792082.dop006.lo4.t,1650792082.cds256.lo4.c
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=327
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 31111
x-amz-id-2: BFCL9yJoxHwrum2nGgaaj3cIfWEql/OFKstZT4P9SqE17aOUWO1NxCKxoqUYgXF1UoTooy/CjE4=

GET
H/1.1 200
OK Q122Feb_Sportage_Green_DM_F4_Txt_300x250.png
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 4 KB
4 KB 71ms
29ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122Feb_Sportage_Green_DM_F4_Txt_300x250.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6f96e439379f62c4d31c7f1c7767c50db6b3ca6442dcd50fee328dd53231b734

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: B4SE1G1WX5ZX71VB
X-HW: 1650792082.dop206.lo4.shc,1650792082.dop206.lo4.t,1650792082.cds043.lo4.c
Connection: Keep-Alive
Content-Length: 3244
x-amz-id-2: bo4vtf2tYV8JWSp73WXXOowcm2rCVX1XfOfa2B+BRfgA7c4uh3DT6RoA/IhGCLmwPmp+QC8rYfk=
Last-Modified: Thu, 24 Feb 2022 16:39:26 GMT
ETag: W/"f04209024b8df22ace7f4e83f1593888"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=259
Accept-Ranges: bytes

GET
H/1.1 200
OK Q122_CTA_Square_DM_300x250.png
cdn.flashtalking.com/142364/instantAssets/ Frame 219E 10 KB
9 KB 86ms
30ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142364/instantAssets/Q122_CTA_Square_DM_300x250.png
Requested by: Host: 8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
URL: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: dbf23fd93369a90039de26b63e7a566560cb609c4a33003704e4ed989629f947

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142364/3459935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 09:21:22 GMT
Content-Encoding: gzip
x-amz-request-id: ZYVF13EAEXQ2W627
X-HW: 1650792082.dop053.lo4.shc,1650792082.dop053.lo4.t,1650792082.cds322.lo4.c
Connection: Keep-Alive
Content-Length: 8654
x-amz-id-2: 48zJOLQjCGS/K4knyl8mHY/YtcpwEa46X8Vl1GN++Brh1+bDiMfhfqkz4YP3aIMwfK1EmATDmQw=
Last-Modified: Thu, 24 Feb 2022 12:11:41 GMT
ETag: W/"9fcf3f24852bde2d36c5e698e9472113"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=152
Accept-Ranges: bytes

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEFE 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWhoOIt0gyjLH-VYqYkY6_72xj1JtdjI8-p39l2vWl5kImiIO4OU3dqB9Qb2MYrJegh_NDIXrpSJB--rLb6bsKgwlvSmpvRRCnICvMEFty-rZTt_RImQ&sai=AMfl-YTpopqIUjRoW9bIrYMmdejN02hErU35Imp_magy_UUIBpFeU1osmha0HD6qpIQ05fTqxbavYCrMySxvU64B6JdgoaEJFnvlhBzBgRDC&sig=Cg0ArKJSzI6baJDYGgJoEAE&cid=CAQSLQCNIrLMRL8z8qZPDB5dk2uuSLR75m0EbxPZSE5IhDm851JfxZl3wrXNHLLi5Q&id=lidar2&mcvt=1001&p=1020,80,1200,1520&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1425882295&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650792080961&rpt=481&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 437ms
436ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 181ms
60ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://2plus2.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Apr 2022 09:21:22 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1547
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F2plus2.ua%2F&domain=2plus2.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=KlxeMHxNZFJxanJCeFJwcUNKNWZVYVJJdys2UllNS214QW5yUkJXNFRRNEs4alBSSUpNZktLekdtM1J3dXM1OE4yYkFWbkwyakFhblp2QTBuRllvQWo1d0svMUl4YS93RUd6VXlmSVFtZFRpQ01qWGpxQ2l5RHhHbnJJTm...

425 B
669 B

44ms
43ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KlxeMHxNZFJxanJCeFJwcUNKNWZVYVJJdys2UllNS214QW5yUkJXNFRRNEs4alBSSUpNZktLekdtM1J3dXM1OE4yYkFWbkwyakFhblp2QTBuRllvQWo1d0svMUl4YS93RUd6VXlmSVFtZFRpQ01qWGpxQ2l5RHhHbnJJTmhMN1habzNvWWlWRFcxckc5elF1bVF2aFNWeE9JS0UrbXIzekRWWkY1UFdDOEM4T2xzVE0zSWFVV0xuaFFEUHlGZG9ZNktuMjVTN3R2VUQ5cXl3QXZ4S01YKzY2UmRnSlZuSlh6M2g3dkR2dE5hUXF3VEUwSEpDajJEUHZWeTdGdStMWHBjZlV2QjV5VTB3ZjdSVE9sMTYvcDhXUWRWQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

3fc80a4275a667dde0d32d69271ccadc001f81150cb53f5f29ff4bd3adad7426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4905
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:22 GMT
location: https://mug.criteo.com/sid?cpp=KlxeMHxNZFJxanJCeFJwcUNKNWZVYVJJdys2UllNS214QW5yUkJXNFRRNEs4alBSSUpNZktLekdtM1J3dXM1OE4yYkFWbkwyakFhblp2QTBuRllvQWo1d0svMUl4YS93RUd6VXlmSVFtZFRpQ01qWGpxQ2l5RHhHbnJJTmhMN1habzNvWWlWRFcxckc5elF1bVF2aFNWeE9JS0UrbXIzekRWWkY1UFdDOEM4T2xzVE0zSWFVV0xuaFFEUHlGZG9ZNktuMjVTN3R2VUQ5cXl3QXZ4S01YKzY2UmRnSlZuSlh6M2g3dkR2dE5hUXF3VEUwSEpDajJEUHZWeTdGdStMWHBjZlV2QjV5VTB3ZjdSVE9sMTYvcDhXUWRWQT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://2plus2.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2018
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
527 B 176ms
48ms XHR
application/json 51.195.5.40
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/458553/hb_298309_11708.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p17.id5-sync.com

Software

Resource Hash

83f8c16016791765cdc9d1d94bde2de44a69d367caa3febf2ff2f63298e242d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://2plus2.ua
Date: Sun, 24 Apr 2022 09:21:22 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 107ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 24 Apr 2022 09:21:22 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1125
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38C5 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:00 GMT
expires: Mon, 24 Apr 2023 09:21:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E0E 783 B
534 B 52ms
51ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5021e76e8419684c03958d2ae1c65c18c10891b061c1a8b63cdf09ef4a55434

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oO/+CBkQzua9aYeq3/yoSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://2plus2.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-oO/+CBkQzua9aYeq3/yoSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:23 GMT
expires: Sun, 24 Apr 2022 09:21:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0C5 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:00 GMT
expires: Mon, 24 Apr 2023 09:21:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 27D3 783 B
535 B 50ms
50ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

122e02e5c07f3ce3812bafeaf2a6416ab69d9a25f35c00a97eaafa014809d649

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9jxyUTQQkgYyuBBcL1j0wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vid4.tsn.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-9jxyUTQQkgYyuBBcL1j0wQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 09:21:23 GMT
expires: Sun, 24 Apr 2022 09:21:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EC4 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPanWvSI4QX5u4VatrZyU9d3STpBaPrW63yjejli2bciOOCqUFunbleHTytW_YLRpqvjbrHE6yVgEsbPmhOogvVt6t8T3_s9oIIjZiGEnk_JoWLyY5fg&sai=AMfl-YTi4JeqRJJunA_9JdCCol7iD3963mVFoYtosVKKsV-qgEPGvuHuUduUNqpnplG22GEuL6DNmg-y-GBsU8UHPAMzltqUrRfaQtTm_M-j&sig=Cg0ArKJSzItgI5SfGe25EAE&cid=CAQSLQCNIrLMRL8z8qZPDB5dk2uuSLR75m0EbxPZSE5IhDm851JfxZl3wrXNHLLi5Q&id=lidar2&mcvt=1000&p=645,992,895,1292&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3937908213&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650792080930&rpt=1204&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 38C5 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E0E 0
0 91ms
91ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042001&jk=1939731011404494&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 27D3 0
0 88ms
88ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=3690888436948231&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame A0C5 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
215 B 178ms
178ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0IRb,time:1544,type:e,im:%7Bpci:%7Btdr:1472%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1544,n:487,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,bkn:%7Bpiv:%5B480~1%5D,as:%5B480~na.na%5D%7D%7D,%7Bsl:o,t:487,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1056~0%5D,as:%5B1056~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:23 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 38C5 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9rL8ZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A0C5 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ckA3uQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 09:21:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042001&jk=1939731011404494&bg=!AQKlAkbNAAYXWUUuN1k7ACkAdvg8WqgFXlfKjsaJKwHJqN2MbLDDgT846VY0OX-BW1vCHYhQfeRCJgIAAAB0UgAAAAFoAQcKADNXIv0lTFM112cNshq_d6hzYggJHZI5iQMxsIigtuBZ0sxlBtXYUvoAVY6GsCnnnwoUulOZAo7oJlyXA0CAiD9w1xHu7ci8SYIK22mCzEu5gtGed6PJwptGWdUigyrydAAukMYIDbFAxjbXzbrTDfjx8uTmk04FGUI6CUh61wov6txpiZhqxEC_zOGTtXEBaDBO6nDps76zRhiqztuDLODW5ITJ5c00_FC8gmuFMaS3rwpDHuuXxNtofVkeGhN4qJ8GeJ9ebBhTdYqwLF0DTTnePuf8CSh4ojO0HXi1qvj27Dvc1PZvnDw6-ItPLUnpb8ctvm_KdTlIWbDLWpYsKaSy6afqXiy45K2VTaYmAvN6mw8rrfYLKR9FAk9rpWHoPFCDAQdK2Bs7xRDLA6t8MGjqkC4Aa3FNuIOxIYphxtt6kxW-sgdkAGZ8Y3WIdzhaEkzEy-SEhRT6qvmXlgOQPT03XSYlh4iEZthqxzfcg2PbV-6zK-CqiHh0WmVBlBvESDXq3PaTbIUDp_mJIrsyG-XUEU3n4MMO-AbRq6fU1K2sPtVyhVKgoCPbZMgq1Svj92909WxyV9vP6j4OHIkp8EJYsavfERaVq0JWC2cuvQzcHsThxUx_4tRlJwjobEYGP1w4SbVspVxKuVUQrOkbKRONv3XnWcJhvcwASfh6ih9OCRleQz2mGXrrNZATbBY5dnyjIzf-ZCEzlgYELMkN8pL6tSese85LB0AgHnv7HA0xsRkyuq-CeGO_8GZIJ8D44gmqp3VP10KvaG7W_sf4M2tgXxkLi9IJ1ochn7i3Y6EOXVl1WpBh7WUczo76UeduPrxGa7OMOTlesnxbkm9-4qu8EhVntKfTppvWeVMANwPrq8xfo6KdSSjVMKrE87BsHcFRnkA8BrCZ_eQVy_mDtErhkY_TO8aKXVH2wuKgmMoorGI6NAo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://2plus2.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A2B0 0
0 109ms
109ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=3690888436948231&bg=!BAelB0PNAAYXWUUuN1k7ACkAdvg8Wi2GYpu0H-coj6cl_Xt19ARSiTNQUgCK1Kh0xXfPpwRzerLNsQIAAABlUgAAAAJoAQcKAFGui4gX1LJGk2dRJJAQ-kLwl4fcpx_AAIzUiRX9eLyfxuWZG9v6fGAyC3H1gwFE-1ZTxilZW8BQ1_Fw--Z36nQ3PmE_w5ZAB2YTiV9g8onzYCaZArVdw2ZZCuAHJ83M4tWadIsYbQ9nMLp1CuSwRiT7NGhg4T0g8UtzJbCQm96WS3g3WFQ6NM6CGDj8_wjEtQPNeunc61e0grBzutFxyC51Brzjh4_ICS3ECMl4stN5UgnnKrsAQgtHDmZDNcmVOmPgv5bSOMYL-Vi1NVrqte8w1TmmqxEEWNY-AdlsJZ-KsSrhul6HnWphLz4s1Coi6ZvbAB-oEQc-ouhHpuwbVkQmb75pKcg4x30ZeohajpcxhZ1veonDN7oK0yJa0hCbX5wwEyyUROTr6MLDpv0bkVPgZSxDiveu4Rq3ZL6hr7TaGnGNm9JXri7h0syMQB1vk48u84DeiC2Cfpd106aa_3c5W75vbQbPPP7JLXXadBYbEK1zTe1YagG1v70GgQ4VQlF7zZPOosm4VtDtWQwSYeqjjUahuR9kiGW0Zauz2PuRwAC8Otn0-kZgnDlEyJ5NVI3MPrgeTrxZwY3M8kOz9RycWbqpaJ_C2HG2UUwbkwH2rKYmbE-UcGwh1c6r_SO2y6VLQmQIvOa9csHBZP4niUTCC70Dx1zkmhErEXfUvhczeOq-KyiDQxx07eXpW-EPN0UvLIk0FSVow5wlEaHMg8lp84blo6PlUa7UOPurnxGhIWdD5pPpN6v1HJGD3LNPvuWxfNRCTZXyKeLn3yz3HKtvuYw82jKsJdaY57ElWDPzoSIz0pJvXzuDu-x2rO0Bnjp4B-z4kRNI-l1i2dK8m6sKQuNU4Gsk_09ccTXt_15ZIgOXsmzngIAtoHCya-3bJf9gkbMpKR9VDI7ix8keI-7QAz41YuvRfZPQfPaEF8L2XYPgYBMPW3NBVaYpMTkmBnBo5MEhA-nuqIhTiMbLiVTkl6orzI1WsZ0f_Ah9x6UAuZkdyj4hVAQVyRqhukD-DHQyV06i4ER9MeE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://vid4.tsn.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
215 B 179ms
179ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0J8I,pingTime:1,time:2631,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:21%7D,%7Bpiv:0,vs:o,r:r,w:300,h:250,t:488%7D,%7Bpiv:100,vs:i,r:,t:1630%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1630,n:487,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,bkn:%7Bpiv:%5B480~1%5D,as:%5B480~na.na%5D%7D%7D,%7Bsl:o,t:487,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1142~0,1~100%5D,as:%5B1143~300.250%5D%7D%7D,%7Bsl:i,t:1630,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:180,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:24 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0EC4 43 B
215 B 179ms
178ms Image
image/gif 44.228.18.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=909788&asId=7da2cd21-403e-af92-c7cf-b77418f260e4&tv=%7Bc:aH0J8I,pingTime:1,time:2631,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:21%7D,%7Bpiv:0,vs:o,r:r,w:300,h:250,t:488%7D,%7Bpiv:100,vs:i,r:,t:1630%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1630,n:487,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:20,wc:0.0.1600.1200,bkn:%7Bpiv:%5B480~1%5D,as:%5B480~na.na%5D%7D%7D,%7Bsl:o,t:487,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1142~0,1~100%5D,as:%5B1143~300.250%5D%7D%7D,%7Bsl:i,t:1630,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:bf,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:180,fm:t3UDlep+111%7C112%7C1131%7C114%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.909788-61792348%7C181%7C1821%7C19%7C1a1,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.228.18.69 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-18-69.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 09:21:24 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 107ms
107ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://2plus2.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://2plus2.ua
date: Sun, 24 Apr 2022 09:21:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ghb1.adtelligent.com
URL: https://ghb1.adtelligent.com/v2/auction/

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=5039201394

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&eid_pubcid.org=05f84429-bea5-455d-8af0-5ec18fb59f2e%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=fd3296bb-5b3e-4ea8-ad05-13ad92a25c6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.4289548847558291

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=10&eid_pubcid.org=05f84429-bea5-455d-8af0-5ec18fb59f2e%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=3f97177d-f7d1-473d-9ebd-19c6002fdacf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.20578698326384393

Domain: ads.adnuntius.delivery
URL: https://ads.adnuntius.delivery/i?tzo=0&format=json

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=15&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=05f84429-bea5-455d-8af0-5ec18fb59f2e%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=fd3296bb-5b3e-4ea8-ad05-13ad92a25c6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x250%23ad-slot-1&slots=1&rand=0.41426410685484916

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2153570&size_id=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=05f84429-bea5-455d-8af0-5ec18fb59f2e%5E1&rf=https%3A%2F%2F2plus2.ua%2F&tg_i.pbadslot=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=3f97177d-f7d1-473d-9ebd-19c6002fdacf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F2plus2.ua%2F2plus2_300x600_2%23ad-slot-2&slots=1&rand=0.8298643281788185

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
2plus2.ua/	1970-01-20 02:33:19	Name: XSRF-TOKEN Value: eyJpdiI6ImtEQmh6R0hLTkMrbkZWWCs0a1YwcHc9PSIsInZhbHVlIjoiTW9Wbk5UdnlVdXgxZE9XVWRoaTVMc01Lek9aXC9kS0dLSzg0U1gycDRnZFk3VTdKM0dqZllhV3NZNXhJQjZLZ2ciLCJtYWMiOiIzNTY2YTQ2ODg4ZDk5MmE3YzhmZjYwY2IwZWJhNjc0MWJjOThjMDJjYzYwOGFkMzExYzBlYjJiOTRkMWY3ZmEwIn0%3D
2plus2.ua/	1970-01-20 02:33:19	Name: 2plus2_session Value: eyJpdiI6ImQ1eWd0QXZ5SHNEeFE3dmJWWWR5Qnc9PSIsInZhbHVlIjoiNGxhNURRTWtXRHpwT1RDZW1jNHd6ZkFKTXpDbmdnRVl6QzZVeW56R0V2dzJKaW5iUmNCdmx4RVB1bVloNk04aSIsIm1hYyI6IjM0NTFjMzRmMGU0NGUxOGZjMGU2MGE3Y2I4NmIzZGRlYmRlMmZmNjM2YjQxZjdlYTlmYzU3YWRhYzNmMDEzMGYifQ%3D%3D
.1plus1.video/	1970-01-20 20:04:24	Name: _opov_sid_ Value: 9a6di8ia4nvg7q5rd5ih0vj3be
2plus2.ua/	1970-01-20 02:33:13	Name: session_id Value: 52007b96-087f-4e83-9f5c-1a2ca6f17d71
2plus2.ua/	1970-01-20 02:33:13	Name: session_pageview Value: 1650792079.1
2plus2.ua/	1970-01-20 03:16:24	Name: site_visited Value: 1650878479.1
2plus2.ua/	1970-01-21 06:19:52	Name: lapuid Value: 5ee19fee-db0d-410f-8460-bcf6ea6114a5
2plus2.ua/	1970-01-20 11:59:07	Name: _pk_id.6.87d8 Value: 3229d98544ba6c7a.1650792079.1.1650792079.1650792079.
2plus2.ua/	1970-01-20 02:33:13	Name: _pk_ses.6.87d8 Value: *
.2plus2.ua/	1970-01-20 12:02:00	Name: __gfp_64b Value: DLJsT_EZ_rpa4JNIPW4hImPTtrqR0FU8LcYK.SXkrfT.t7\|1650792078
a4p.adpartner.pro/	1970-01-20 03:59:36	Name: apuid Value: 5ee19fee-db0d-410f-8460-bcf6ea6114a5
a4p.adpartner.pro/	1970-01-21 06:19:52	Name: apudmg Value: 1
.2plus2.ua/	1970-01-20 02:34:38	Name: _gid Value: GA1.2.1218911043.1650792079
.2plus2.ua/	1970-01-20 02:33:12	Name: _gat_UA-3838466-26 Value: 1
.2plus2.ua/	1970-01-20 02:33:12	Name: _gat_UA-113262294-1 Value: 1
.2plus2.ua/	1970-01-20 20:04:24	Name: _ga_KRRGZR24WG Value: GS1.1.1650792079.1.0.1650792079.0
.2plus2.ua/	1970-01-20 20:04:24	Name: _ga Value: GA1.1.347430055.1650792079
www.clarity.ms/	1970-01-20 11:18:48	Name: CLID Value: e48913e5a27d4f298444ff71ac5d0a4a.20220424.20230424
.2plus2.ua/	1970-01-20 04:42:48	Name: _fbp Value: fb.1.1650792079448.1155339871
1plus1.video/	1970-01-21 04:50:00	Name: _opov_hid_l Value: 2ff393a3-5074-5304-9742-b0b29f89d59d
.facebook.com/	1970-01-20 04:42:48	Name: fr Value: 05cDQi9xLOpj6iA8O..BiZRaP...1.0.BiZRaP.
2plus2.ua/	1970-01-20 03:16:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.2plus2.ua/	1970-01-20 11:18:48	Name: _pubcid Value: 05f84429-bea5-455d-8af0-5ec18fb59f2e
.admixer.net/	1970-01-20 04:42:48	Name: am-uid Value: 9d0da8045900472a89ec76210d0128d0
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 15:52:24	Name: E Value: AG3KiEh1iuA3a19o
.2plus2.ua/	1970-01-20 11:18:48	Name: _clck Value: 1whovga\|1\|f0w\|0
.2plus2.ua/	1970-01-20 02:34:38	Name: _clsk Value: 2d7kku\|1650792080196\|1\|1\|e.clarity.ms/collect
.adtelligent.com/	1970-01-20 04:02:28	Name: vmuid Value: 98b923527c9cf1c5
.adtelligent.com/	1970-01-20 04:02:28	Name: a307558 Value: 5ee19fee-db0d-410f-8460-bcf6ea6114a5
.hit.gemius.pl/	1970-01-20 12:02:00	Name: Gdyn Value: KlQupRMGQMGGMqUEDWLFoilissGM81ooL6nxmGBaQBsLwpaiGsRP0QlGvGGpRRg8SmGT8SpGDlUUgVXoaQG.
.criteo.com/	1970-01-20 11:54:48	Name: uid Value: 2ca3f4af-2bad-41b6-8e64-a0a16d7d6314
.c.bing.com/	1970-01-20 11:54:48	Name: SRM_B Value: 30D1410E915462BE0D43509E90EF633C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:54:48	Name: MUID Value: 30D1410E915462BE0D43509E90EF633C
.c.clarity.ms/	1970-01-20 02:33:12	Name: ANONCHK Value: 0
.2plus2.ua/	1970-01-20 11:54:48	Name: __gads Value: ID=5caea74b019b4222:T=1650792079:S=ALNI_MYlSexYlMg24UASQqMsWtkdQm666Q
.doubleclick.net/	1970-01-20 11:54:48	Name: IDE Value: AHWqTUke9JTqlqA6IeDCAW89pgU-8Bu3bZSz5G8OjlblxgjvTuaDx0cEiWafQtYYUyg
.adnxs.com/	1970-01-20 04:42:48	Name: uuid2 Value: 5587274797722791743
.adnxs.com/	1970-01-20 04:42:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVOjw#%%!]tbPl1M>e)ZlrFUfJ+tGXxpO^B>#2?q`2rLIwfH[L^Zc_^@@:`dXmm?cWmF3If)y3KL9D3I?*phT:?y
.doubleclick.net/	1970-01-20 02:33:15	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 04:42:48	Name: CMPS Value: 709
.casalemedia.com/	1970-01-20 02:34:38	Name: CMST Value: YmUWkWJlFpEA
.casalemedia.com/	1970-01-20 11:18:48	Name: CMID Value: YmUWkcX7AqFVasCARQeSgwAA
.casalemedia.com/	1970-01-20 04:42:48	Name: CMPRO Value: 337
.casalemedia.com/	1970-01-20 11:18:48	Name: CMRUM3 Value: 2d626516912760CAESEF59hoMm9jy5Q0dTIvHdiH4
.2plus2.ua/	1970-01-20 11:54:48	Name: cto_bundle Value: hEfvAl9WV2tHd0JHSmpVZndsVFhDVHAyJTJGSzh0amZEblYlMkJOUDQxOFFHV1BSblJYeGpnNmw5VHNRaVZBdFFTU1d3ak13RDF0UVAlMkZNOXlWOCUyRlMlMkJ6dFBEN3oyYUxnaFA0OSUyQiUyQlBYV3BnNkNVNkhIM0RjOXVabE1kbHYzRzUyOW5WWk11bkxCak93Mzl4MHZwNHZJclZQT2FzV1ZQUSUzRCUzRA
.2plus2.ua/	1970-01-20 11:54:48	Name: cto_bidid Value: TeLMpV9za2o5b1RPR0NvcVRzS1REZ3pEd0ZXV0xGMkd2RHFWMnhsQk4lMkJXbWhSMkFYdHVIRVMlMkZCeEQlMkJRNFQ4aUd2NjdhYWRhdE91aUQlMkJPQm9hVnlueXdWU3pCZHVpdER6byUyQjBQUk1LOUJZVWNNeXMlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0068/3674.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.video
1x1.a-mo.net
2plus2.ua
8f14eb975814692f9134e3e90b8f3f57.safeframe.googlesyndication.com
a4p.adpartner.pro
ad.doubleclick.net
ads.adnuntius.delivery
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
api.1plus1.video
assay.1plus1.ua
bidder.criteo.com
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.flashtalking.com
cdn.mouseflow.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.clarity.ms
fastlane.rubiconproject.com
fcb2320b5e01b133aace10b4ca8f57c5.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s0.2mdn.net
script.crazyegg.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sync.adtelligent.com
t.trafmag.com
tpc.googlesyndication.com
vid4.tsn.ua
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ads.adnuntius.delivery
bidder.criteo.com
fastlane.rubiconproject.com
ghb1.adtelligent.com
hbopenbid.pubmatic.com
ib.adnxs.com
prebid.a-mo.net
142.250.185.226
142.250.186.134
146.0.227.109
146.59.10.80
146.59.30.96
172.217.16.130
178.250.0.157
185.184.8.90
185.239.173.66
193.200.65.5
195.137.240.108
195.137.240.12
195.137.240.20
195.137.240.82
20.62.48.180
205.185.216.10
209.197.3.19
23.111.9.38
2600:9000:224a:9c00:8:48e:53c0:93a1
2606:4700::6813:9408
2620:1ec:27::cafe:1959
2620:1ec:c11::200
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::7
35.244.159.8
37.252.172.37
44.228.18.69
45.133.44.3
46.249.52.249
51.195.5.40
51.89.9.252
52.142.114.2
52.213.110.128
54.165.214.53
54.38.197.123
62.149.0.72
92.122.147.230
0479c803e597c9eacc35328c18e47b75104c9c67359da67d31fa807de6309663
0504d9f9a134a9acc6d5ffefacd131df9ed5ac7023d3c2aeecd48a4d0419a3e8
06fc34b63fe0f6767b473542cb33dab84ce40c020f13ea0275c5e9c17a468eda
07a757ca2bb1f12e8c1c16db04afcc62303e08f69e38b13d5a13717feaf0fd8b
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08c321615bfe65e41e8aef06d659058d5bbcf35c9d6e539962337833d7178b8a
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
0a79e4b9555c24441d9c72f0c51a7793442ecb15b2b801a802fefca592b91c65
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b83210f573e877327d53e4a0fc6895117403533f2e72bc4d39030145a7ca09b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bad0f3630b73f5dcb369227282d76dba6fb01d3eab89a8a16acb5e053cbf1f6
0d52ea2ba28cd3875257f7ef6e1b07c5be8205f0f62ca027dd5a7d6ea468b751
10066841bfc9534e75adc9de3c5b8f027a6d4cf60e8cc53debef50491928e60d
10d2a6ea0bf55991c488f4da1a20347f2b8def032d90c361052f981cb1a66aed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1187c5e668566271def1b0bcbc461bf267258f8152bab4ceb03ddb5a1d114ea2
122e02e5c07f3ce3812bafeaf2a6416ab69d9a25f35c00a97eaafa014809d649
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12dce315d1b30fafff70b92232490b5b1996e8bebc262cb96da11399f5101707
143f50225190e7a587d8e43d7504c7645b29f1dfb957eae82f59977a6cc35c98
1494d2b38bdef6a3475b947ca1d5f10a402a0005b5ac0e1f052e689219dfd703
155044da3bf9c8ad13a0788720b187d7d78971f4acc628e695c5c52aa31469c0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
162494aa6881face214d38b96351f874a65216201f50e94761ca21808c0aa93f
166fcbb16a3701e24240bf3bf2152b79d16e81653d554412e72f6dca96b832a4
16a2d8535199012d0ee978a3cf2d96567bff38ba5914df081651257c6def256c
17009d2a581f38e48caaa8e0bf2f247150076d1e96fd708a353f787cbb0f49bd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1da6926b2edcc20189e7f8dc68854eacc075ba267c2d77dd851ee8a1749e823b
1ec70c7fb22a0abb4cf77eab8f2b4b3a5c674107b30f1bdf7f4d118a9c61e7da
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
26416df163672383736830eedac6dfe555f178f84326e636b42a23b64f0bb6c8
265564711b8fd136d368efb9154e8b2758c252140b92d442bf497e60ceffd01b
269a853888e0ce61aac4a002bc0cbc8b0e3eb039626d9f1b7604f8d955c1892d
27982e7b4e78b96feb5d3bace94b6c7290f812363ff7be278e7f0f8f8ccb88e9
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e341e5cdddebc5c6a4bfe3c5f6d9afc56f061668a058de2d29e4a08fd765b23
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
33a45a5a9868fae393389cde23193e59ecadb3a257550ceb3d7499b15d985d10
344eccc5f3ea7ebac658c1b57b9b4a21b83405d1065a480bf2bb3d01628e5e20
373deb961a720e1e159bdafc2ab4e9ad0478f910034025f667c92e21dbd0a044
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
39220571548b58ae78a03846bcd8621597323406610ca81923789635ee29e59d
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e50ec9bf9cd0bd36e6893758780613e45003ce16354ba6d3efff6e51edb6ef6
3ec66e146304975d80b82ba2c1398b599f92f8ce0eb82ba037767404ea376673
3fc80a4275a667dde0d32d69271ccadc001f81150cb53f5f29ff4bd3adad7426
42d66f023bb368180a0b3fe8fb92af402514a0c335f3c16279c020398e6b9308
464db0771f1ab3055cab31a882499224a1aff66a2e59a89ab4fdda18f5f5ab71
47e0d362a8eaa14f412baa47e2e6be04c9c65e479e6de1281fdb511611ac917e
482000269a8443d2127483ba8e4a4637673a1779f5fb87bde1c864b766de192c
49c8fa573b7dfc3dfc9f16f84e204c0da6b295657e306f348ab74b88c4c38d0a
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e5bd2a2e1f478dd665bfe6044c620d18726b81823ceb958ee6bf61a3e204e09
4ff41dff0da924b0ff84aa9092049f579e120b0e5763a2899d77b7f03d709fce
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564790a34f4bb222b6812e6c32b124320b3ccd5db9a922fcff71f72a4bd02673
56f6e8d69901893c8cb7045b9b2fc54918220a0f4bb9fe1ab3b55b8a83f0fb0a
5767504edc32715193265cf5d3b599a76184ee3dc0856d90915fff2474ee1b24
5e569b0acd80e613b14d26fe3cd79346a8b26fb844fc4e76018112f0af7f40d8
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62852aeecf3ada73c9677f1ac137b21b7f0c2c9cc42fbe03267b65ccf619cb0a
6292c1309f3d1ec36d29eadbab333681e7b40b31e1ca87fe0b121ada81fdc3f9
638b38d93e620d6cbb799c06475f9ecb29f258a775f85c2d1de3b54b4ec6b70c
64018c36747d449e570f24cab8b3c9d1e9ea794cf06a288e5adafff3da652ab3
646c32e35e151665ef859f8cc5c59a909dd3681f4f0857ef19b4e818a87bce50
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
676411366e71f04c2ff350ff21efca86e9de93ac0524aff378f6edd6e5e52a30
6a481a4e3dd0dc343f9755f1b4c106cb60517eb3c7045f76661194b4c1ac089a
6aa5844ad135353e46dc232fe26175ca0b49c9b5ae0fca001f03c06496c05c1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da76e0407ac20e5be7f38f73d9eae1ffc3bd492aa79769c9d900613db9b5dd5
6f96e439379f62c4d31c7f1c7767c50db6b3ca6442dcd50fee328dd53231b734
710655c3653cc6ce3edeb1177d656f4680325f257b5595e5df133cd75c3cb990
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
74a6c62e817179670e62c48e7c09ac73c811a526cbf854ba9142fdabb9ff2d4a
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79bfb57ae767aa4d6ff454d85780b53b8b3c9c3c5407efa9a423e1d4b3a57603
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a730972a54f766683f2cfc1b36b839f3f260e7576b4d6ee293bffda0758d608
7aaa78bc1b01f0a951224964358a71ff90abc02b7492f64c88980a13f73dbf95
7b8d61fc1f99eb8f9ddf41a0d414c0dd771c895a833ec90ffe4283e8c7516754
7cd7030765ac761d2d9f1a71728e5801860a4d91c36e74051ceb121237743136
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e83fe9975d2dd72d4a583fa4b72114cd7f17941a949a037fb961a11b12713e4
7f573b2edce0b3073451c72bda43d4ae913c43a4ce64d90e69ae2897aa89c1b1
7fe73c52d7875e308d647ecd2a33a3724be9e4939d498743babc9a2cdbbd5335
82461ffe02bd7ae989addc91633e3856de009b1bd016048f27310b299bf018fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
83f8c16016791765cdc9d1d94bde2de44a69d367caa3febf2ff2f63298e242d1
843833f27c6fc80007f3d829a57eba1f34767863c3d61f5dc56f9da26c4742d0
84832082edd30098694a82d30d83fea657ab39289a655e26a9a080d6c73ce6fb
861ea8eb7a9087b8f0287a2a9b71b96e65323ecac53fb0d3d434cb86daa397d8
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a5f83ccfc1e6a9b32277fdfcf3e52cb0a57b292c07f9ac31cad461a40b81901
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8e8903aa6515c92e0d04a42a7a96ef8ef1151845cfda2179cc8672e83d258548
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8f5b6841687a61f03d74675aecb7dba7dd8c3d7affbc7918e22039ecd4599c07
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
93d9d927f3bc739d7673652c574bf52e2f57f832c0cec2f10d20e1d737e1b97c
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb
98856ba2e91c0a9254b14b5fe497aa9327d0b8669ffc36fa0356ac3a35d85d0b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f6afe6cc1e8c1f2abac312520d075f400508d736961d09a55e4596bc4e0b2f
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9e50bfa7ad08391ec756196d372cb6f5e50c9b1974ee3e42e6eb8cf930a0913e
9fc647aa2ef1f6aa26e64231a4f860b77f8e5ca45ddb241de99581e1235df68d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a252eebaf2dcd374b5b5592def1faca3e67dc221b37ba4661b0c42db2cd7c35e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a525aa66d7ff9cd427528325167561440fd6058d7fab4f4b4d2d2de32e71448e
a5422702826b8124b5783d90b9d768b669b41e10247ee353ecc7bf7854436ded
a671ce534bfafe05a922189e73b9acd03afa20088568b5ae3b9809f93be56e02
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8cebc2cb04ac75776e861a533e41ea0bd3b69d06f461cb78e086602dac603aa
ab913a87b721b324515eba65e3e6824a4eca503780e9deb7e4d375204c282e95
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aff66da2e24f7833ec3ac1e7136c44b55c3ed0118957894c77eca728bd5fac50
b091c5af06d5b4f964b9051ca828039ce57fe76901e18dda9a85a0b9fff3511e
b09d3edc110b98e6eb7b365405af0c617c945d0f519aa5cf7d319048780ca3d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e6c00a45288868369ef6ac73eebb20af2b8a404f13a7a6d2ad2f3854282116
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b8aa92c5736920d857a50bde9563221b0cb35ae7b2b109782c8f51e493a09aab
b92acba360e73f87888cefb8b34869639f19e22b777614961f151b0c06bf4863
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
bbac62bc6bedc78287284e92948ad46f708f45a745bd6da4bec7127eca24514b
bc963544c7b58831207820ca1f6aa75f0265843be105cab7b7c3744155616f3a
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf4b80d75d372b22fefb1daed5d5d5113b8895af5d6f876a67dfaa07b6593c30
c169ba758ad19844dfca92b94cb4cab61992e9b4418dfc3ab516e2fe5c9cbad4
c4a648b90b933da069c2324f7919ea7e313922f846864276c5f33bcc95506103
c51a8bd285c64c6b38ef08a271bba5a8e3a4a55cf7bdd457da49b11536cca063
c62b53c850ed7a4b49afd96c9a30288917d295c8a64ab6beea8da69291b8cd49
c7571d58fa40f74107002e9991f3b84ca5da3aef2f9f366a7ddc27afb9a90dc0
c7b5c0cedf74b0080aad07a3625c6a8bbeaeccb542c34945a471bad17be79943
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cb33386457609ed59866c61e2d9b0d4f4c3c5c6e2c7401c0a0a9fd8f5ff0c951
ce43847a09e5b32264fd405cadb39468fa323414fb98a57cf90ca100ecc3f365
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3fd91ee62256b439f81a02c678e02a4ac665a52642a475e1cec17e5959db19b
d416b44096111e19fb6150f8304cd39b580f6fa9b1c49a4f6937de4d924b570a
d64597e0f7fbfca465f7c2c3c9353a29d4746301632781083f45faed2dcc0b51
d6a2db3e79fe9b07cd3d639778ab7a14c6b84fb1b8adb4bb7c4148a0ab070de0
da9cef05bb3578a7a64b84c5c60ffd0c825548b4dfb0096955cfc1ccc408205d
db1e8ca32d9160e5a98ebab86225e05e9b7557e38d27b0e30d994d4242aae414
dbf23fd93369a90039de26b63e7a566560cb609c4a33003704e4ed989629f947
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
dd5fe16c4ed8b425108f0d516e939c08dbc3da1b6948df7c0d258da7d1dbf9d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded40bc9b131ce8d897e8319b65b204d44da586ca44e661f3acc33cb6438b1f4
e029f52d3ee7b5d529e43509e78c8aad836f222e32a308e61360e3fddcec6320
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e0bd93b8f04e67673a3398c9ded686d08e1dc1ad79a96b958ca573ae3d4ab0d6
e0f2bfbabb9841847f2a5b6e1a90ea85ed2cda2648ac0ced424a8e9769e38514
e138514a035a3eede51af12aaa091a24057001e65336092ee6c42f491bde863e
e24ce462b090fdbb38af89384909309483db1a66bc0d1ce4a5141c4864467868
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e38188d7aeeab09989954d42e1eac3f97f6320a4e6d51cc2dde4ac391289bf08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e8bd6044578f524a466c53fa6636fe598ff060f30bb0f62999bbfd217de1d574
e907d3f2e9ab46e2d2959431618413d3cbe722b9761e406bf765d156b154f90b
e99085c8cdfa85075b2de5790539cc5ab06de9d5d401232b6bc2440362f3037b
ec3b661eaa069c3d01cce3146b288964649b25a3649bb456daf5e1fcd2cfedc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f180d52d5b722250d977629249155fca68b8d939bb323e0982c15631d797776e
f1ba16d59fcef7f8c3eb7484d74c1765875f83f9c55d03e63501dbdaf1c71f72
f1e21c2fbe15539a6989e0a1256c9f4e73412e49dd85437305dce8ef7c0aa8a0
f336a6da2e57a1dd5bcd42f29f901d5252438a16952e4577ebdb6e0871e812a0
f375aaa522232e786256e11ddb093a95c35026397d3967ba0b66dd427d833a2e
f395c29c567db8929b9488fc87a67ff609fdd0908481079f904902c5a2a5a7b9
f4ee26c487a7725e60a0e76b47c368e1130e6b817be36cd0a63068b1c77d9eab
f5021e76e8419684c03958d2ae1c65c18c10891b061c1a8b63cdf09ef4a55434
f515fa3b78a4dee7d5a9c9009d2f3be56d32d1287fee739d987162c8c025a6a0
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f76c9bd7fbdf9ac8175846d7d6664bf0946c38e0431c86468279303a79d9ed99
fa08cf746d9f4b99c9670550de311d2abe538309aa150c0c3801582f153b4eb9
fa3bcc93d1be83ac7d82cd6182d25741cdef5d016e40436266df12a50abbebc3
fa6b6e3804d27952e60bba62059b44a9aa470d384da576e1af8499d358733b5d
fba3d61af1c632ba9227d48dd1306832b8ab257a156588e10d47a84716e6bd80
fba6ca9533a68c0f3cd0f7d68490d3ca758ea6f239766cebb7c1eb2f9afbba26
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fd8027b53a97cbd5782e85c5908e563c39776703ff9279f50658e630927b4167

2plus2.ua Open in urlscan Pro 195.137.240.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

287 Requests

91 %HTTPS

46 %IPv6

42 Domains

68 Subdomains

57 IPs

10 Countries

6990 kBTransfer

12486 kBSize

48 Cookies

24 Outgoing links

Page URL History

Redirected requests

287 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2plus2.ua Open in urlscan Pro
195.137.240.82 Public Scan

Screenshot
Live screenshot

Full Image

287
Requests

91 %
HTTPS

46 %
IPv6

42
Domains

68
Subdomains

57
IPs

10
Countries

6990 kB
Transfer

12486 kB
Size

48
Cookies

287 HTTP transactions
6 data transactions