1plus1.ua Open in urlscan Pro
195.137.240.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1plus1.ua/
Effective URL:
https://1plus1.ua/
Submission: On July 16 via api (July 16th 2022, 2:22:34 am UTC) from GB — Scanned from GB

Summary HTTP 397 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 75 IPs in 13 countries across 56 domains to perform 397 HTTP transactions. The main IP is 195.137.240.100, located in Ukraine and belongs to ASN-UNIAN, UA. The main domain is 1plus1.ua. The Cisco Umbrella rank of the primary domain is 493154.
TLS certificate: Issued by R3 on July 12th 2022. Valid for: 3 months.

This is the only time 1plus1.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	195.137.240.100 195.137.240.100	29389 (ASN-UNIAN) (ASN-UNIAN)
9	195.137.240.88 195.137.240.88	29389 (ASN-UNIAN) (ASN-UNIAN)
39	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
67	195.137.240.21 195.137.240.21	29389 (ASN-UNIAN) (ASN-UNIAN)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
14	195.137.240.108 195.137.240.108	29389 (ASN-UNIAN) (ASN-UNIAN)
4	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	195.137.240.12 195.137.240.12	29389 (ASN-UNIAN) (ASN-UNIAN)
4	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1 11	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
1	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
7	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
7	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
3	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
1 2	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	147.75.198.217 147.75.198.217	54825 (PACKET) (PACKET)
9	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::6815:5525	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	46.249.52.248 46.249.52.248	50673 (SERVERIUS-AS) (SERVERIUS-AS)
8	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 26	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
15	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.51.170.224 52.51.170.224	16509 (AMAZON-02) (AMAZON-02)
5 7	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.90.105.115 104.90.105.115	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2607:f8b0:400... 2607:f8b0:4005:814::2003	15169 (GOOGLE) (GOOGLE)
1	108.177.15.157 108.177.15.157	15169 (GOOGLE) (GOOGLE)
5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:ceb0:a2e8:d44c:f538	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
2	185.86.137.122 185.86.137.122	201081 (SMARTADSE...) (SMARTADSERVER)
2	2600:9000:223... 2600:9000:223f:1600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	52.29.193.101 52.29.193.101	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:169e:15cb:462f:8154	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2600:1f18:1ac... 2600:1f18:1aca:4281:61aa:2c32:4233:52a7	14618 (AMAZON-AES) (AMAZON-AES)
3	104.90.105.27 104.90.105.27	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2 2	2a05:d01c:1d8... 2a05:d01c:1d8:8102:9602:fd0d:b77b:851e	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:dca8:6c50:abca:109d	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.71 141.95.98.71	() ()
397	75

10 195.137.240.100 (Ukraine) 1 redirects

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.137.240.88 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front02.1plus1.ua

1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 195.137.240.21 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: images.1plus1.ua

images.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 195.137.240.108 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: front03.1plus1.ua

api.1plus1.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.137.240.12 (Ukraine)

ASN29389 (ASN-UNIAN, UA)
PTR: assay.1plus1.ua

assay.1plus1.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.198.217 (Tokyo, Japan) 1 redirects

ASN54825 (PACKET, US)
PTR: sync-1

sync.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:5525 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.248 (Amsterdam, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.122.14.34 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.170.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-170-224.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.18.126 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.105.115 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-105-115.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4005:814::2003 (New York, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Sankt Georgen im Schwarzwald, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:ceb0:a2e8:d44c:f538 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.25 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.193.101 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-193-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Beverwijk, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:169e:15cb:462f:8154 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4281:61aa:2c32:4233:52a7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.90.105.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-105-27.deploy.static.akamaitechnologies.com

s-video.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8102:9602:fd0d:b77b:851e (London, United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)

s.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:dca8:6c50:abca:109d (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.71 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 166 ade.googlesyndication.com — Cisco Umbrella Rank: 283	467 KB
51	1plus1.video 1plus1.video — Cisco Umbrella Rank: 180120 api.1plus1.video — Cisco Umbrella Rank: 227814 images.1plus1.video — Cisco Umbrella Rank: 617892	2 MB
51	1plus1.ua 1 redirects 1plus1.ua — Cisco Umbrella Rank: 493154 images.1plus1.ua assay.1plus1.ua	2 MB
48	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231 stats.g.doubleclick.net — Cisco Umbrella Rank: 138 cm.g.doubleclick.net — Cisco Umbrella Rank: 223 bid.g.doubleclick.net — Cisco Umbrella Rank: 523 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	330 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	618 KB
15	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 282	313 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	4 KB
14	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 46154 ls.hit.gemius.pl — Cisco Umbrella Rank: 11852	63 KB
12	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5382 ghb.adtelligent.com — Cisco Umbrella Rank: 6067 sync.adtelligent.com — Cisco Umbrella Rank: 3940 ghb1.adtelligent.com — Cisco Umbrella Rank: 6811	148 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 imasdk.googleapis.com — Cisco Umbrella Rank: 439	583 KB
9	innovid.com 2 redirects rtr.innovid.com — Cisco Umbrella Rank: 1801 s-video.innovid.com — Cisco Umbrella Rank: 23661 s.innovid.com — Cisco Umbrella Rank: 1780 ag.innovid.com — Cisco Umbrella Rank: 1567	838 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 757 gum.criteo.com — Cisco Umbrella Rank: 410 mug.criteo.com — Cisco Umbrella Rank: 2434	9 KB
8	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 626 static.adsafeprotected.com — Cisco Umbrella Rank: 611 dt.adsafeprotected.com — Cisco Umbrella Rank: 550	95 KB
8	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 549	9 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505	6 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	59 KB
5	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 47445 inv-nets.admixer.net — Cisco Umbrella Rank: 3040	85 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	220 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 651	2 KB
4	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 19457 us-u.openx.net — Cisco Umbrella Rank: 433 rtb.openx.net — Cisco Umbrella Rank: 1906	4 KB
4	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4409 www.google.co.uk — Cisco Umbrella Rank: 2790	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	155 KB
4	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 113565	4 KB
4	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 208270 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 214511	20 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 315	2 KB
3	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019	67 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 973 r.turn.com — Cisco Umbrella Rank: 3520	869 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 586	2 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1033	150 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528	2 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3117	207 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1086	344 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 649	56 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1074	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 524	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1205	793 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96 graph.facebook.com — Cisco Umbrella Rank: 115	1 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7395	1 KB
2	pubwise.io 1 redirects sync.pubwise.io — Cisco Umbrella Rank: 7318	342 B
2	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 6935	506 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	88 KB
1	id5-sync.com id5-sync.com	616 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12707	1 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 616	191 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1257	573 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 838	761 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1776	583 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 689	537 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1345	271 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6287	171 B
1	pubmatic.com hbopenbid.pubmatic.com Failed image6.pubmatic.com — Cisco Umbrella Rank: 684	166 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 849	356 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4790	524 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 42536	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	643 B
397	56

	Domain	Requested by
39	images.1plus1.ua	1plus1.ua
39	pagead2.googlesyndication.com	1plus1.ua pagead2.googlesyndication.com 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
28	images.1plus1.video	1plus1.ua 1plus1.video
26	cm.g.doubleclick.net	6 redirects 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com googleads.g.doubleclick.net
21	tpc.googlesyndication.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net imasdk.googleapis.com
15	s0.2mdn.net	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com imasdk.googleapis.com 1plus1.ua s0.2mdn.net
14	api.1plus1.video	1plus1.ua api.1plus1.video 1plus1.video client imasdk.googleapis.com
11	gaua.hit.gemius.pl	1 redirects 1plus1.ua gaua.hit.gemius.pl 1plus1.video
10	1plus1.ua	1 redirects 1plus1.ua
9	www.google.com	api.1plus1.video 1plus1.ua 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com 1plus1.ua
9	1plus1.video	1plus1.ua 1plus1.video
8	fastlane.rubiconproject.com	player.adtelligent.com
7	www.gstatic.com	www.google.com 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	api.1plus1.video 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
6	ghb.adtelligent.com	player.adtelligent.com
5	googleads4.g.doubleclick.net	googleads.g.doubleclick.net 1plus1.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	imasdk.googleapis.com	1plus1.video imasdk.googleapis.com 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
5	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	1plus1.ua 1plus1.video
4	dt.adsafeprotected.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
4	c1.adform.net	4 redirects
4	csi.gstatic.com	imasdk.googleapis.com
4	gum.criteo.com	2 redirects static.criteo.net
4	www.googletagservices.com	1plus1.ua 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
4	pa.tns-ua.com	1plus1.ua source.mmi.bemobile.ua pa.tns-ua.com
4	cdn.admixer.net	1plus1.ua cdn.admixer.net
4	player.adtelligent.com	1plus1.ua player.adtelligent.com
3	ade.googlesyndication.com
3	s-video.innovid.com
3	x.bidswitch.net	3 redirects
3	mug.criteo.com
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	ib.adnxs.com	1 redirects player.adtelligent.com googleads.g.doubleclick.net
3	ls.hit.gemius.pl	gaua.hit.gemius.pl
3	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	ag.innovid.com
2	s.innovid.com	2 redirects
2	rtr.innovid.com	imasdk.googleapis.com
2	sync.1rx.io	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	static.adsafeprotected.com	pixel.adsafeprotected.com 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
2	ssbsync.smartadserver.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	dclk-match.dotomi.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	um.simpli.fi	2 redirects
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	1 redirects 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
2	bidder.criteo.com	player.adtelligent.com
2	pbjs.e-planning.net	1 redirects 1plus1.ua
2	sync.pubwise.io	1 redirects 1plus1.ua
2	a4p.adpartner.pro	1 redirects player.adtelligent.com
2	connect.facebook.net	1plus1.ua connect.facebook.net
2	assay.1plus1.ua	1plus1.ua
1	id5-sync.com	player.adtelligent.com
1	graph.facebook.com	1plus1.ua
1	m.exactag.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
1	rtb.openx.net	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
1	r.turn.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	p.rfihub.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	image6.pubmatic.com	50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	www.google.co.uk	1plus1.ua
1	www.facebook.com	1plus1.ua
1	prebid.a-mo.net	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	onetag-sys.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	hb-api.omnitagjs.com	player.adtelligent.com
1	ads.adnuntius.delivery	player.adtelligent.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sync.adtelligent.com	1plus1.ua
1	vars.hotjar.com	static.hotjar.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	script.hotjar.com	static.hotjar.com
1	source.mmi.bemobile.ua	1plus1.ua
1	static.hotjar.com	1plus1.ua
0	hbopenbid.pubmatic.com Failed	player.adtelligent.com
397	94

This site contains links to these domains. Also see Links.

Domain
1plus1.video
www.facebook.com
t.me
instagram.com
poshuk.1plus1.ua
dovgadoba.1plus1.ua
images.1plus1.ua
tsn.ua
plus-plus.tv
2plus2.ua
tet.tv
1plus1.international
bigudi.tv
www.unian.net
paramountcomedy.com.ua
tv.kyivstar.ua
media.1plus1.ua
sales.1plus1.digital

Subject Issuer	Validity	Valid
1plus1.ua R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.1plus1.video Go Daddy Secure Certificate Authority - G2	`2021-10-22` - `2022-08-14`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
images.1plus1.ua R3	`2022-06-16` - `2022-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
assay.1plus1.ua R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
juke.mmi.tns-ua.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-24` - `2022-07-23`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-06-09` - `2022-09-07`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
adpartner.pro R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh

This page contains 34 frames:

Primary Page: https://1plus1.ua/
Frame ID: 091EBF8EFC3AD161E912F1F802F76A18
Requests: 151 HTTP requests in this frame

Frame: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Frame ID: 072450255AA4964ECFC6A9BE87B62B9C
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 930CE5DB0E3C44E8F2E9C11C5ED06401
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: D5AA0A366204C8BE7593BBCB619A217F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1657938147&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657938147675&bpp=3&bdt=599&idt=143&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3571859317606&frm=20&pv=2&ga_vid=836394917.1657938148&ga_sid=1657938148&ga_hid=1065207403&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067528%2C31067983%2C31068196%2C31068418%2C42531606&oid=2&pvsid=2832515476977366&tmod=507792962&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166
Frame ID: 8540EEF46218759C4D09E84C7A0EE4F2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: C2669A290FBBA25FD442F61A82A390CC
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 0F29E640E899F8F3E721D857FE77594C
Requests: 1 HTTP requests in this frame

Frame: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9D3A7C6FD78090002ADDE9F61A8D2856
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 2842BC6F35A12DDD0F147E2607D536B2
Requests: 1 HTTP requests in this frame

Frame: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D0A1F51248BDC68A77475299BB3FEB1
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 64B9599D4068B5891D9ED378CD49B16B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 840493156FFFE32BF3C0D60E8D82EA99
Requests: 9 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: FE5363FB37F4446A320FF928B8B3350C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 131110D28709A9D3354E5F0F17B7C894
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_uk.html
Frame ID: D5C6DA5C099573B5DA94EF98A9A39A9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5D418C9ED6BBB1EFDA2B30890C76E3A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C70AAFD25AB10CA8DEF656DF638456D
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1608CEF51CE0866F0B6C372DC5DE6394
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_uk.html
Frame ID: 38D23298C25196D42CD20DA3198B8741
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua
Frame ID: 34B050677C30B20892BF5BF46B8555FF
Requests: 2 HTTP requests in this frame

Frame: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B9ABC13A4C17CBABB404E77470656CC
Requests: 15 HTTP requests in this frame

Frame: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D99E0C82BDDEE116FA1C8EDFD7FC91A
Requests: 23 HTTP requests in this frame

Frame: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 632768D4F6EF62D403A5C1A176D8EFCC
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhjfk_iwATAB&v=APEucNWGmF9oGfQMh3RufUnpB__LTYs48kcgFp9OcxiFPkKzaB6x4H_xOvDP6bg8fK8HuTTrlNtYbkWTR_iQomR5TO6UMJHoBcH3H3KtmJvzOgUxI5SbnuI_mKWSWD9P6sGpuSLY_PIwQWJy_hK7TD3z521gwKl9HZHzIhJcInH4CsOF8aeQCtc
Frame ID: E2176CEEF9257424CEC2E1B0C7853AF6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo
Frame ID: 7B2747E45DC26EF2A3AE6351F1C8C775
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5815031D175BE90784766F93EFB7F733
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 83848E6FCF36CC47E8CE9286362F8414
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA851D87ABAA9F5BDA28C605754A7808
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 43818D36FC9190D68E2E2C65B5444E8C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3F21CD83DB0D23F9D07246174AB7D1C7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
Frame ID: 5393E0242B0DA5E587454008AC01CFBF
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6D5E9DD51B1DB15BBEFEE2659E7AEA4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: B654132E81F58AF29427EB500E7DE29C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 92113DD8931848C895B1765808D3D1B2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Офіційний сайт каналу 1+1Kyivstar

Page URL History Show full URLs

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

397
Requests

91 %
HTTPS

42 %
IPv6

56
Domains

94
Subdomains

75
IPs

13
Countries

8495 kB
Transfer

16286 kB
Size

72
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://1plus1.video/
Title: Відео

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1plus1.ua/

Search URL Search Domain Scan URL

URL: https://t.me/OnePlusOneChannel

Search URL Search Domain Scan URL

URL: https://instagram.com/1plus1_ua?utm_medium=copy_link

Search URL Search Domain Scan URL

URL: https://poshuk.1plus1.ua/
Title: Знайти своїх

Search URL Search Domain Scan URL

URL: https://dovgadoba.1plus1.ua/
Title: Довга доба

Search URL Search Domain Scan URL

URL: https://1plus1.video/tancy-so-zvezdami/
Title: Всі відео

Search URL Search Domain Scan URL

URL: https://1plus1.video/golos-strany/12-sezon
Title: Голос країни 12 сезон 5 випуск. Вибір наосліп 12 сезон 5 випуск

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b.jpg?v=1645529997

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18.jpg?v=1645530032

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a.jpg?v=1645530060

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399.jpg?v=1645530090

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4.jpg?v=1645557776

Search URL Search Domain Scan URL

URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364.jpg?v=1645633328

Search URL Search Domain Scan URL

URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Title: Стародавні традиції гуцулів-сироварів та секрети виробництва карпатських твердих сирів

Search URL Search Domain Scan URL

URL: https://tsn.ua/

Search URL Search Domain Scan URL

URL: https://plus-plus.tv/

Search URL Search Domain Scan URL

URL: https://2plus2.ua/

Search URL Search Domain Scan URL

URL: https://tet.tv/

Search URL Search Domain Scan URL

URL: https://1plus1.international/

Search URL Search Domain Scan URL

URL: https://bigudi.tv/

Search URL Search Domain Scan URL

URL: https://www.unian.net/

Search URL Search Domain Scan URL

URL: https://paramountcomedy.com.ua/

Search URL Search Domain Scan URL

URL: https://tv.kyivstar.ua/
Title: Kyivstar

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/1plus1
Title: ПРО КАНАЛ

Search URL Search Domain Scan URL

URL: https://sales.1plus1.digital/
Title: РЕКЛАМА

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/media/channels/problems
Title: ПРОБЛЕМИ З ПРИЙОМОМ КАНАЛУ 1+1

Search URL Search Domain Scan URL

URL: https://media.1plus1.ua/ua/hr
Title: КАР’ЄРА

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1plus1.ua/ HTTP 301
https://1plus1.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ad8d0522-0429-4bb8-a21a-84de21f29652

Request Chain 101

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D HTTP 302
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

Request Chain 107

https://gaua.hit.gemius.pl/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=bU8bXwPeWe3zttO_y9288eZJ4wbfH49f6HKy9ic4FlD.B7yw_rbbjHB9mt1Z_6oZaFRCovGQ_Gb.3T_HF5MB7dfXwACm/pB6yfcOrVxwHX/&ltime=203&fpdata=g4HFa6qCliwpL45qpra7sFKcS0U2FSlAAKNn8p_M_mP.O7&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=bU8bXwPeWe3zttO_y9288eZJ4wbfH49f6HKy9ic4FlD.B7yw_rbbjHB9mt1Z_6oZaFRCovGQ_Gb.3T_HF5MB7dfXwACm/pB6yfcOrVxwHX/&ltime=203&fpdata=g4HFa6qCliwpL45qpra7sFKcS0U2FSlAAKNn8p_M_mP.O7&fpcap=

Request Chain 125

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55

Request Chain 188

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELfSXUoqhHDpZsh5kTmzYGw&google_cver=1&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCzusfdlvAistcj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCzusfdlvAistcj

Request Chain 189

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDoJ9B4PFjdrFjpVoMuqH_Q&google_cver=1&google_push=AehlK4CnOSiq1PFtF6GaQlq08SWf__wYSPfNKcl4rIQUBgrGAp45-x4A1GdMS8ipxKWGA6QTm2ZK9vc7PQTudl13oQlQZFIkwy6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDoJ9B4PFjdrFjpVoMuqH_Q&google_push=AehlK4CnOSiq1PFtF6GaQlq08SWf__wYSPfNKcl4rIQUBgrGAp45-x4A1GdMS8ipxKWGA6QTm2ZK9vc7PQTudl13oQlQZFIkwy6A

Request Chain 190

https://um.simpli.fi/gp_match?google_gid=CAESEKgkLrea0kC3fIIv8rmdsv0&google_cver=1&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr73WEIcO8jGel-e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr73WEIcO8jGel-e

Request Chain 263

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=2UZMGnxoR3lJT2xZNWx6dHdDSkVNL1hkSmNmYkFSWHl0dnkzVWsyTVBLY2pRb25hUnBIQ1pJTmdZdE1zZmNSclZPT2ZzYTExbmlleDhOK0FHNyt0U2VhU1RiTElkS1crK2t5UFVLSzJINSszdEpDaGdsZzRiR0VxdlIxTkkzSjVNbmRqKzJWTldLN2lnZDZOMzVTN3hWNG9NNE5SSmgzRitqZ2pSVWJhdWN5d3dyTW8rMGNEOGNaYUp1aG5NSmRaWG1BeERhZTB6ZDc1d3NDYnVYOFN4MTYzUHI2MlZGUzdnTWdqbzE2cnFOaUxXNUp4L1A4UlpQbStEUUtrbHlDZGRHZ1RnMmo5OXpjMFRwb2ZGcVhhRVN6SmhRQT09fA&cppv=2

Request Chain 288

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1&C=1

Request Chain 289

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtIg5zvPCuDTTcfGEKs4PAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1

Request Chain 290

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJRmCT3T4xP0nmgLcQqagJ4&google_cver=1

Request Chain 291

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyNjgzOTMzNzYyMzU4NTA5MA%3D%3D

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0GD11bxSkcS6m4vgoG3nM&google_cver=1

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESECYJGNPHAWVC2nkrhK6hkMk&google_cver=1

Request Chain 313

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC2QqzOaY3XMMwC6JItwcnI&google_cver=1&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtmSQumWWBRa2dzU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMDc5MDEzNzMzNzczOTQwNQ%3D%3D&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtmSQumWWBRa2dzU

Request Chain 314

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_qpagnk2H6XiMi1I5y9jM&google_cver=1&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9VHsR0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9VHsR0&google_hm=MjAwNDI3MjI0MDI0MzYxMjE0

Request Chain 315

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LEcTHtz1VBWSPNJfp1DoE HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LEcTHtz1VBWSPNJfp1DoE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExMDgzOTA0NzcwODYyMzE3NQ&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LEcTHtz1VBWSPNJfp1DoE

Request Chain 316

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcFHR8XdNkcgFDbArImCok HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcFHR8XdNkcgFDbArImCok HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzEyMjA5MDAyNjA2MjM0MjIyNg&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcFHR8XdNkcgFDbArImCok

Request Chain 328

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAaaRbcXFrqDQ1tPJUOLhtk&google_cver=1&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48VkbUfoWkuzhn1-38Xn5nrt5gjIFso41z3MInry4kUTO3 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48VkbUfoWkuzhn1-38Xn5nrt5gjIFso41z3MInry4kUTO3&google_hm=v5gyo6uZkYJQHOpBEAau7A

Request Chain 329

https://um.simpli.fi/gp_match?google_gid=CAESEKgkLrea0kC3fIIv8rmdsv0&google_cver=1&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RBFnA_Nfxlf9MvS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RBFnA_Nfxlf9MvS

Request Chain 330

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPZ7q64XwWLshKq4pHoSxpc&google_cver=1&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPZ7q64XwWLshKq4pHoSxpc&google_cver=1&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336719249380487&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc&google_hm=Pta-iEIhRUWarQYXqlS7eg==

Request Chain 332

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_cver=1&google_push=AehlK4C2Xgz9EpdMDQUanPnXdhiZofE6i_5iedAd58zlblXQ6gVBRaYiLPVzEs_kzHYNGx5eTEyY6WqZO2W2OrHC8l0_WVefuZU HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C2Xgz9EpdMDQUanPnXdhiZofE6i_5iedAd58zlblXQ6gVBRaYiLPVzEs_kzHYNGx5eTEyY6WqZO2W2OrHC8l0_WVefuZU

Request Chain 333

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENY8fTJSNUPGhGKKgujZHNY&google_cver=1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1657938151216 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e7c81291-e87d-45a4-a5db-15f6e11d4821-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM%26google_hm%3DA-fIEpHofUWkpdsV9uEdSCE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&google_hm=A-fIEpHofUWkpdsV9uEdSCE

Request Chain 339

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1&google_push=AehlK4ASDryPO-z64AGPKTPcEtGOgjDxwNlpwTr5c_gaG-JGSCWdBkcbTyj9peGGVqPtIvm0JX2EVEOxlNkiuUF7PkTjyKfQXiGm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM2NDQ2OTI5MTM2MTg1MDU2NQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1

Request Chain 341

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELfSXUoqhHDpZsh5kTmzYGw&google_cver=1&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKXBrsrpV1I7p8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3o1i0iDlTgCR-XpLSEoO3g&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKXBrsrpV1I7p8

Request Chain 343

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_qpagnk2H6XiMi1I5y9jM&google_cver=1&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfOqf9WU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfOqf9WU&google_hm=NDAyMTE5OTEyMTgxMDI0MjE4Mg%3D%3D

Request Chain 345

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_cver=1&google_push=AehlK4C8SQNUDL7OnXCt-iCnGKC-1BOP6wmlnA-JdveGPTJ-HFDK_DhrenE6Ij3fScZPwiGkM5UG6Kh1xpRqOXdqTTgdzN6HwMD4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C8SQNUDL7OnXCt-iCnGKC-1BOP6wmlnA-JdveGPTJ-HFDK_DhrenE6Ij3fScZPwiGkM5UG6Kh1xpRqOXdqTTgdzN6HwMD4

Request Chain 385

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=play&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=play&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186

Request Chain 388

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=init&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186 HTTP 302
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=init&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186

Request Chain 399

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=XpEnlHxpTHlpNDkyTFZwUzJIOTJCTFhhdHYrQjVRZDFCZUpXSzFDK1BieGZaTkNUVS9yakVkTys0SmI2YzgvZlQzY0xGbmdZR1FhNnIyZnJWWmR5L1FZVThLbENOeGpPbWlGR2FlZUN1NE13b2hNcmNqR1ZkMS8zcVVnR0Z3bS9tZ2tRaHBIdGlJaDhuUktYSmFsaEEzcXd1c2hhcXpLZUs3U1E4UUJ5R0k1c3M2YktudmVjczR5L201Z3IvdWVzeEl4a0pXVUJwcFUvMXFualV5VHl1QnZmbmNjTm1zOGE5OFE2cVV6TitReVdvbzZXMXBKeGhLZVlqZzRHNnJPbnpKVm51YXdnSlMrZkIzSkU4L1VGdlh5S1krdz09fA&cppv=2

397 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1plus1.ua/
Redirect Chain

http://1plus1.ua/
https://1plus1.ua/

269 KB
68 KB

415ms
162ms

Document
text/html

195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 689b332aedec7ced489f493af8655ec9a122b75d0d48d9581637f019a55d6649

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 16 Jul 2022 02:22:26 GMT
Keep-Alive: timeout=15
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sat, 16 Jul 2022 02:22:26 GMT
Keep-Alive: timeout=15
Location: https://1plus1.ua/
Server: nginx

GET
H/1.1 200
OK desktop.css
1plus1.ua/build/css/ 136 KB
33 KB 158ms
84ms Stylesheet
text/css 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jun 2022 13:34:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK api.0.3.0.js Show response
1plus1.video/static/player/js/ 7 KB
3 KB 325ms
71ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/api.0.3.0.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 14:17:47 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:18:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 161ms
63ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53af3da5173c66ad4df6e6fcec17453161af02ec5012ee34863b759abda694c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56582
x-xss-protection: 0
server: cafe
etag: 17462841426255515265
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H2 200 aa679cf8beef220ad36f11f06fe42684_1050x960.jpg
images.1plus1.ua/uploads/articles/000/993/862/ 107 KB
107 KB 414ms
140ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/993/862/aa679cf8beef220ad36f11f06fe42684_1050x960.jpg?v=1654167995
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d2d5b38dab063f33a17e743518b185ec00efbb4494c46f3b58571dfdc56958fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 03 Jun 2022 04:56:25 GMT
server: nginx
etag: "ecfb58188da8d4616230a318734e218d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 109280
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 de0be7096f5741091a41b3e2b2edbd35_1050x960.jpg
images.1plus1.ua/uploads/articles/001/035/364/ 97 KB
98 KB 559ms
285ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/035/364/de0be7096f5741091a41b3e2b2edbd35_1050x960.jpg?v=1657626246
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: c3a2c09d4b3a501673a796b19cc25755533ba4c54aaadedc8b8fa4ac41d8f93f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 12 Jul 2022 11:44:08 GMT
server: nginx
etag: "87915e095661658dfa8aa525ffd0f91c"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 99760
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b978057f1f38a2b0fea71b7e1ddc4906_1050x960.jpg
images.1plus1.ua/uploads/articles/001/005/298/ 157 KB
157 KB 714ms
440ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/005/298/b978057f1f38a2b0fea71b7e1ddc4906_1050x960.jpg?v=1655136044
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 6927c24b0af36e882d5042b98d4a3565048a436e64c3ddcd5baf4e072a542f68

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 13 Jun 2022 16:00:45 GMT
server: nginx
etag: "babbe1c50689fdeb29c1736e3964276c"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 160366
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4bbe43fc5a78123a7fa500168e4e84e7_1050x960.jpg
images.1plus1.ua/uploads/articles/001/003/828/ 132 KB
132 KB 734ms
460ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/003/828/4bbe43fc5a78123a7fa500168e4e84e7_1050x960.jpg?v=1655108219
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b0bcbd12aa7ab180b87cf82f1e93cd257f500f417fc5f8a1f06ad96c8df354e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 13 Jun 2022 08:16:59 GMT
server: nginx
etag: "9f3383bcbf0ec9184dca7ec23453ecbd"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 135038
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 41979cddf901da9b48ad44f6de35e60c_210x150.jpg
images.1plus1.ua/uploads/articles/001/012/888/ 9 KB
9 KB 557ms
284ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/012/888/41979cddf901da9b48ad44f6de35e60c_210x150.jpg?v=1655722873
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: fe0abf3c4bd85393310780feb423d41c8886c3a9f5f36de8fb9153eacc572d33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 20 Jun 2022 11:01:13 GMT
server: nginx
etag: "5c26e14261f6693a16c63a631f1b095f"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8883
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 da7e64c151521aef8f35692ffd0c5a29_210x150.jpg
images.1plus1.ua/uploads/articles/001/034/065/ 9 KB
10 KB 556ms
282ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/034/065/da7e64c151521aef8f35692ffd0c5a29_210x150.jpg?v=1657542388
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 46cd96d21285100a19a2758aa24249788de9eb7fcabda220aea863c03cbfa792

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 11 Jul 2022 12:26:28 GMT
server: nginx
etag: "6d56f372bbe166e36f4d6dc918078359"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 9589
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 980c2b2c2f21dead4135ec9ee9253a93_210x150.jpg
images.1plus1.ua/uploads/articles/001/033/672/ 9 KB
9 KB 365ms
137ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/033/672/980c2b2c2f21dead4135ec9ee9253a93_210x150.jpg?v=1657534570
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 72a734555c9c733033852c05263879fa2d9fab4adbc63df71a4acad880b9fa59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 11 Jul 2022 10:16:10 GMT
server: nginx
etag: "264b54dcfd3b0fe6fc9b290d31681a61"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 9226
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4dd17db3800d0e207381da7ef15281e5_210x150.png
images.1plus1.ua/uploads/articles/001/033/288/ 43 KB
43 KB 580ms
354ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/033/288/4dd17db3800d0e207381da7ef15281e5_210x150.png?v=1657527027
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1cdfcce6b6f3ae6c87c8a77ca49086cf6cfa8f325851cb0ce08ecf647368d390

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 11 Jul 2022 08:10:27 GMT
server: nginx
etag: "d99e12a00706207dbccca35fe8f39883"
content-type: image/png
cache-control: max-age=315360000
content-length: 43769
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 13aa649cd553b58c2c2448de1c2abdda_210x150.jpg
images.1plus1.ua/uploads/articles/001/026/244/ 10 KB
11 KB 586ms
359ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/026/244/13aa649cd553b58c2c2448de1c2abdda_210x150.jpg?v=1656936368
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 257a1ff5096a40aae5ad9be238eaf0e7218dc7a0c274bf0e5962a9c4117d31b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 04 Jul 2022 12:06:08 GMT
server: nginx
etag: "22e65071fff4b11325d8e78616f5e3f2"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 10705
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 71ff90e362988937479c468f11555f13_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/187/ 8 KB
8 KB 586ms
360ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/187/71ff90e362988937479c468f11555f13_210x150.jpg?v=1657872658
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3a8c4a370d100b654183a9d9139a74ddc57e4f8ab79eac4a68808df1411d5671

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 08:10:58 GMT
server: nginx
etag: "679bb5fa9587d34e9f274c31c23ca160"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8156
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 821bf382cfa209eb7889f95eea66ced3_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/658/ 6 KB
7 KB 365ms
138ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/658/821bf382cfa209eb7889f95eea66ced3_210x150.jpg?v=1657879193
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: df9c17e851d12c6d0ac0f10c305ebc16f258623f9ebd3dbe1517dab85c2aa515

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 09:59:56 GMT
server: nginx
etag: "e4c6ee9da42daf36d0ca674f7b7a1307"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 6494
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14b68d9353d56f96efc1d8cdccbb844e_210x150.png
images.1plus1.ua/uploads/articles/001/037/551/ 74 KB
74 KB 590ms
363ms Image
image/png 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/037/551/14b68d9353d56f96efc1d8cdccbb844e_210x150.png?v=1657800369
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3d12474efe350378c34e9b349972f824af7ef2d49335b174638d6e104880a35d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Thu, 14 Jul 2022 12:06:10 GMT
server: nginx
etag: "d30d4d3d4a5e65bd6b2798144ef14ba5"
content-type: image/png
cache-control: max-age=315360000
content-length: 75415
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7faac3b2d96863e13c44cdcc7198b43f_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/469/ 8 KB
9 KB 584ms
357ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/469/7faac3b2d96863e13c44cdcc7198b43f_210x150.jpg?v=1657876028
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4a1ad78b6964024fc4acd3091a5aeea0c137020c0f054868abb060db0c3847f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 09:07:08 GMT
server: nginx
etag: "af23076fa1d156c2501d72df111f5154"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8590
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3d6ef7f633be9365db0621888cd731a7_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/733/ 5 KB
5 KB 584ms
358ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/733/3d6ef7f633be9365db0621888cd731a7_210x150.jpg?v=1657879247
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 20d2d99d78d7e35b98435a64ae5a754217afbc9745bfea2e877911c18a6b7cd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 10:00:47 GMT
server: nginx
etag: "950ddcb5355a7f32e2deef852fd5fffe"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4735
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c08e0a48ed3ce1d1fda86c724d5d0ec3_210x150.jpg
images.1plus1.ua/uploads/articles/001/039/033/ 5 KB
5 KB 585ms
359ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/039/033/c08e0a48ed3ce1d1fda86c724d5d0ec3_210x150.jpg?v=1657886700
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: b7f22c16e15e0cd19fdb0c110b67fff7af4a79bd7d58889490b630ef4a3fc58b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 12:05:02 GMT
server: nginx
etag: "6dfa910d32010f3420e9a26823cf3476"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5263
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4c3fd8d2b7270407a990ed4450e4198b_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/943/ 10 KB
11 KB 588ms
361ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/943/4c3fd8d2b7270407a990ed4450e4198b_210x150.jpg?v=1657882829
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: dfa114ccc40c04812c245ee2bcd1f30a9fa4ec5411cac11a22a4f3163ac9c79a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 11:00:32 GMT
server: nginx
etag: "fb3951c2686216752faf2c0366e2bb3b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 10613
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 da485b79f915781ffa74018ab9075852_210x150.jpg
images.1plus1.ua/uploads/articles/001/038/853/ 9 KB
9 KB 588ms
362ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/853/da485b79f915781ffa74018ab9075852_210x150.jpg?v=1657881052
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: a8c5824bb2413000ac2a6cdb2521f48424469172d3ec0ea1eed7f71c0f11ead7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 10:30:52 GMT
server: nginx
etag: "57a66cd50b831c6367fad2b27fdcd8c1"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 8723
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
49 KB 150ms
57ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8794fbe947f4fea8408fadf27d5b9701c18c3b9f573d8ec7a712fe36c28ca8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49186
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK app.js Show response
1plus1.ua/build/js/ 315 KB
112 KB 86ms
86ms Script
application/javascript 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Jan 2022 11:37:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ 895 B
2 KB 350ms
96ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 27ab148b12f4e75ed2c3e8a4da9883cd1e9366ad862b8623b06931e9a6f48c50

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wrapper_hb_298309_4139.js Show response
player.adtelligent.com/prebid/ 786 B
747 B 105ms
28ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19189
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6030223b5a0f8cb565b817fed301a66ff90780dd7c180bc73cb1ae921d871a9b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 10:58:10 GMT
server: nginx
etag: W/"62cea542-312"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 18 Jul 2022 02:22:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 piwik.js Show response
assay.1plus1.ua/ 57 KB
23 KB 260ms
76ms Script
application/javascript 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL

https://assay.1plus1.ua/piwik.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 08 Jan 2019 00:15:41 GMT
server: nginx
etag: W/"5c33ebad-e3b1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 164ms
52ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:23:59 GMT
server: nginx
etag: W/"6282425f-2c101"
x-cached-since: 2022-07-16T02:21:11+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Mon, 16 May 2022 12:35:26 GMT

GET
H2 200 hotjar-1437498.js Show response
static.hotjar.com/c/ 5 KB
3 KB 144ms
41ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

6fedefcd6ee8f007e59f1845351b3031d6366a6d6600896decd20b7762bb0e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/7d7a877e36952e346b3c55ae8d9ebe6e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: dVv7eNZqyEfow1_dfr63ON1OCZJwlCncogH-gI6ZPoqDM6irEzQiQg==

GET
H/1.1 200
OK 1plus1_2020-Bold.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 84ms
83ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Bold.woff2?162ea61293c1251c9d38ebfbb41955e8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40500
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK 1plus1_2020-Regular.woff2
1plus1.ua/build/fonts/ 38 KB
39 KB 147ms
147ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Regular.woff2?90bfe5ae3558a09fc8e59e35be273ed8
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 39364
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK 1plus1_2020-Light.woff2
1plus1.ua/build/fonts/ 40 KB
40 KB 156ms
82ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Light.woff2?cfb0332de68c76eefb11f8e7b649bf5b
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 40576
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK 1plus1_2020-Black.woff2
1plus1.ua/build/fonts/ 38 KB
38 KB 294ms
154ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-Black.woff2?7d9bb787c86f7fe8b7258cdeee70c3bd
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 38848
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK 1plus1_2020-RegularOblique.woff2
1plus1.ua/build/fonts/ 43 KB
43 KB 225ms
82ms Font
font/woff2 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.ua/build/fonts/1plus1_2020-RegularOblique.woff2?c64da9994c0baf83a13910fe8cea8652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671

Request headers

Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 12 Oct 2021 22:31:59 GMT
Server: nginx
Content-Type: font/woff2
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43528
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 821bf382cfa209eb7889f95eea66ced3_770x420.jpg
images.1plus1.ua/uploads/articles/001/038/658/ 39 KB
40 KB 637ms
433ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/658/821bf382cfa209eb7889f95eea66ced3_770x420.jpg?v=1657879199
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4838f1e1e47c4f4d278446b6f8cc63bef633e46d32a20d7d1489fc81788b2035

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 10:00:02 GMT
server: nginx
etag: "a51a1bee7be6cfad72e95ad7d6a54d72"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 40428
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c08e0a48ed3ce1d1fda86c724d5d0ec3_490x1050.jpg
images.1plus1.ua/uploads/articles/001/039/033/ 28 KB
28 KB 624ms
420ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/039/033/c08e0a48ed3ce1d1fda86c724d5d0ec3_490x1050.jpg?v=1657886702
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d53983b8a7a627c27b27f485bd6758c1168243d7e30c94d30d86d34f6ac89529

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 12:05:04 GMT
server: nginx
etag: "84aacc2a14d1acecf8f7d04b62826121"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 28315
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3d6ef7f633be9365db0621888cd731a7_770x420.jpg
images.1plus1.ua/uploads/articles/001/038/733/ 24 KB
24 KB 641ms
437ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/733/3d6ef7f633be9365db0621888cd731a7_770x420.jpg?v=1657879247
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 23845140980bbddcdaf3e0af4346535e9111acc4ee4381e21ad1e4b3398e6c49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 10:00:48 GMT
server: nginx
etag: "5beac59eeda80a7a8ef23be3f2b09c46"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 24571
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4c3fd8d2b7270407a990ed4450e4198b_770x420.jpg
images.1plus1.ua/uploads/articles/001/038/943/ 93 KB
94 KB 628ms
424ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/038/943/4c3fd8d2b7270407a990ed4450e4198b_770x420.jpg?v=1657882836
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f6b0a6c42f28bad7c4e3c0f8bc589f91b4e13c96220bb091e088294becf603ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 15 Jul 2022 11:00:40 GMT
server: nginx
etag: "fab59eb3ecdffd2476d84d31103e2fbc"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 95446
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dancingStars__slide.jpg
1plus1.ua/build/images/ 33 KB
34 KB 294ms
160ms Image
image/jpeg 195.137.240.100
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1plus1.ua/build/images/dancingStars__slide.jpg?c8c69a3b3ba47ad12f574e642cd8ff97
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.100 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/build/css/desktop.css?id=c39a6fec71f6f36b6aef
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Last-Modified: Tue, 09 Nov 2021 09:53:25 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34003
Expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0724 11 KB
6 KB 101ms
99ms Document
text/html 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 51a08135537c93d4958a2101bb558ac7110f108e420fbec93f77623ddcd606e2

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Jul 2022 02:22:27 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg
images.1plus1.ua/uploads/articles/000/963/235/ 66 KB
67 KB 461ms
459ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/963/235/2a9b9ae8c1874a906d0bcb255fa74b7b_490x1050.jpg?v=1652181813
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 10 May 2022 11:23:34 GMT
server: nginx
etag: "fc7e2658bd1f9868a872f0295e5ecce9"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 67985
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b634e95cb4e072767b2c9faaa2728477_350x350.jpg
images.1plus1.ua/uploads/articles/000/859/720/ 13 KB
14 KB 468ms
466ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/859/720/b634e95cb4e072767b2c9faaa2728477_350x350.jpg?v=1645456207
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 21 Feb 2022 15:10:07 GMT
server: nginx
etag: "b9d33f76e570821d980e3a7595b7f15a"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13745
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/054/ 13 KB
13 KB 470ms
468ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/054/3ef0edcf9a05d7422edf32bfc5510bc4_350x350.jpg?v=1644229512
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 07 Feb 2022 10:25:12 GMT
server: nginx
etag: "1e490b3e02de4533a0e0d3577347d4e7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 13088
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg
images.1plus1.ua/uploads/articles/000/841/327/ 24 KB
25 KB 471ms
469ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/841/327/96fb4455b12c0e0bfb8c5cee42aea643_350x350.jpg?v=1644239449
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 07 Feb 2022 13:10:49 GMT
server: nginx
etag: "3b63edeebc085c7329eb132a56399239"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25029
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 02:07:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg
images.1plus1.ua/uploads/articles/000/840/793/ 29 KB
29 KB 473ms
471ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/840/793/d1734693cb79dbe3fefcf84fba0c63f0_350x350.jpg?v=1644225067
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 07 Feb 2022 09:11:08 GMT
server: nginx
etag: "a679dc9f06348d06073cc07e617ecdc8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 29355
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 02:07:29 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f8e670099b35be64983f9897f4e6bdb6_140x140.jpg
images.1plus1.ua/uploads/articles/001/037/671/ 5 KB
5 KB 474ms
473ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/037/671/f8e670099b35be64983f9897f4e6bdb6_140x140.jpg?v=1657801679
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Thu, 14 Jul 2022 12:27:59 GMT
server: nginx
etag: "fa8d98c12377f81bc679bc80f4f69816"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4707
accept-ranges: bytes
x-1p1-cdn: HIT; Fri, 15 Jul 2022 03:14:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e0986beb47e21ded981cc0f92685e782_140x140.jpg
images.1plus1.ua/uploads/articles/001/029/724/ 5 KB
5 KB 475ms
473ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/029/724/e0986beb47e21ded981cc0f92685e782_140x140.jpg?v=1657181867
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Thu, 07 Jul 2022 08:17:48 GMT
server: nginx
etag: "97395a5ea5b286a352afe6c2cef41eef"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 5025
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:06:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 10c087244f4c6e30bfb2f60aff192542_140x140.jpg
images.1plus1.ua/uploads/articles/000/861/010/ 4 KB
4 KB 476ms
474ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/861/010/10c087244f4c6e30bfb2f60aff192542_140x140.jpg?v=1645539114
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 14:11:56 GMT
server: nginx
etag: "f4a4cdc50a9738d9bf7bef45569acf60"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 3652
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 00:49:11 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg
images.1plus1.ua/uploads/articles/001/002/739/ 4 KB
4 KB 476ms
474ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/001/002/739/a71c7d36326abb6a722d3d45bb2520b3_140x140.jpg?v=1654869933
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Fri, 10 Jun 2022 14:05:35 GMT
server: nginx
etag: "e3a43907dfc1cb6010ff91134ac2525e"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 4211
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 02:16:56 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c1216120fafc39242ef9765cdbaf30bc_140x140.jpg
images.1plus1.ua/uploads/articles/000/980/119/ 3 KB
3 KB 477ms
475ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/articles/000/980/119/c1216120fafc39242ef9765cdbaf30bc_140x140.jpg?v=1653235122
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 22 May 2022 15:58:42 GMT
server: nginx
etag: "f2dccb03f9ca5a5fef8478c1e7099653"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 2844
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 02:16:56 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
images.1plus1.video/card-5/E2fzXbha/ 13 KB
13 KB 402ms
152ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 15 Jun 2021 14:24:39 GMT
server: nginx
etag: "a87fa4df91a2dc0e28d9c245f9b31a56"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 13066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
images.1plus1.video/card-5/IRHSLdka/ 11 KB
12 KB 442ms
222ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/IRHSLdka/9fef5ac5c02b786d294d1ec518d81257.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 15 Jun 2021 14:24:45 GMT
server: nginx
etag: "2e74435d3edf5310a445de62177853fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11649
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 9a92952634e23723a23e420e15b6f09d.190x105.jpg
images.1plus1.video/card-5/NCkBenm2/ 9 KB
9 KB 358ms
223ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/NCkBenm2/9a92952634e23723a23e420e15b6f09d.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 01 Jun 2021 10:56:33 GMT
server: nginx
etag: "5df517d83b1757de3cf407fdcd55b5a0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9392
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 9556af606060a6b58f92630ea068995e.190x105.jpg
images.1plus1.video/card-5/hu7lAxSR/ 8 KB
8 KB 327ms
212ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/hu7lAxSR/9556af606060a6b58f92630ea068995e.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 01 Jun 2021 10:56:41 GMT
server: nginx
etag: "7ea4a7d31c835975e1e8be8db6f4f88c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 8104
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
images.1plus1.video/card-5/lCJAkGEa/ 10 KB
10 KB 327ms
223ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/lCJAkGEa/1eda3950d64f35c64203c53fd9a9a786.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 01 Jun 2021 10:56:28 GMT
server: nginx
etag: "c134988e94035ff0ee6cd435dde2c1e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10297
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
images.1plus1.video/card-5/muW5KxO2/ 10 KB
11 KB 215ms
139ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/muW5KxO2/fc4b2fd9690e913cf3f3b3e197f56eca.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 20 Feb 2022 21:21:45 GMT
server: nginx
etag: "a6b9b0f86e53737e95a49a0121b47c63"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10570
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
images.1plus1.video/card-5/HaqwM4Sa/ 10 KB
11 KB 193ms
192ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/HaqwM4Sa/c1cb9441b388591d2ecc2fa83bf8d466.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 13 Feb 2022 21:19:04 GMT
server: nginx
etag: "c7529270a49fbff3fad42166d1225751"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10565
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
images.1plus1.video/card-5/M2VnPLy2/ 10 KB
11 KB 277ms
276ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/M2VnPLy2/74cbea2cb555f441c35f7427ec961dc5.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 06 Feb 2022 20:05:15 GMT
server: nginx
etag: "8f78ca40cd331ce47a33c3003c4c6d7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10557
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 6a4fde5b971645afc15d66c54d158c70.190x105.jpg
images.1plus1.video/card-5/ka5ZKpIR/ 10 KB
11 KB 282ms
281ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/ka5ZKpIR/6a4fde5b971645afc15d66c54d158c70.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 30 Jan 2022 21:38:38 GMT
server: nginx
etag: "818106c2fe1e7dded51af88d14bf7db7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10556
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 d4c17987516ae4f0155d208d421bc5e7.190x105.jpg
images.1plus1.video/card-5/H24ZKETa/ 10 KB
11 KB 281ms
280ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/H24ZKETa/d4c17987516ae4f0155d208d421bc5e7.190x105.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ba742f176681a3603b31f011390722e48d49719c69a4d60584fe60bbaf29fb57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Sun, 23 Jan 2022 21:02:16 GMT
server: nginx
etag: "6711292593b1059d64720be2dff63419"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 10538
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:27 GMT
expires: Sat, 23 Jul 2022 02:22:27 GMT

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 459ms
458ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 00:50:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f151616dfa4225a5765c58f2fe77ae18_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/650/ 42 KB
42 KB 464ms
463ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18_755x500.jpg?v=1645530034
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 11:40:34 GMT
server: nginx
etag: "09e423317519e26fcd0c5fc1a026561b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42603
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 00:50:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b179b1a345011da2f620df40a3fba89a_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/659/ 25 KB
25 KB 469ms
468ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/659/b179b1a345011da2f620df40a3fba89a_755x500.jpg?v=1645530063
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 11:41:03 GMT
server: nginx
etag: "aa2b1236fb5ac10089d752b01f89bdfb"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 25695
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6476cab202c46a67552db7f8e6293399_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/668/ 26 KB
26 KB 472ms
471ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/668/6476cab202c46a67552db7f8e6293399_755x500.jpg?v=1645530093
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 11:41:33 GMT
server: nginx
etag: "1aa71e70bddf3967c0297a3b71f6dbc7"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 26725
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg
images.1plus1.ua/uploads/gallery/000/861/427/ 34 KB
34 KB 474ms
473ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/861/427/52e43f15d2888e2bea1a412d1f3df3f4_755x500.jpg?v=1645557790
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Tue, 22 Feb 2022 19:23:10 GMT
server: nginx
etag: "83a5e65aa6e0b9abe0e1d35df7ad25b8"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 35041
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 83ff7b55149114842e5483a7bee20364_755x500.jpg
images.1plus1.ua/uploads/gallery/000/862/984/ 42 KB
43 KB 477ms
476ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/862/984/83ff7b55149114842e5483a7bee20364_755x500.jpg?v=1645633339
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Wed, 23 Feb 2022 16:22:20 GMT
server: nginx
etag: "dabe971598e8a3e3683c6a552a2974ba"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 43269
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 01:53:42 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 52 KB
14 KB 195ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 14031
expires: Sat, 16 Jul 2022 14:22:27 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 343ms
153ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
139 B 272ms
74ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?siteid=1plus1.ua&j=1&nocache=0.43719620585649976
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: no-cache
server: nginx/1.18.0
expires: -1

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 137ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3439c344f5171b95ef402e9a2188fad228146a9d99cd9b129180904268faf1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RnGd/PKlHplhn63vZp4GLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: z84BVVOyk357icnyM5FVomJbUoDW4e/Ad7dn94Fbw4mAB4GCtD+gmfZdQ9l63bXzDbA+bwa5lxdk3+eClj53Xg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 87c3b6f665e36385337790d99da14f89
x-frame-options: DENY
date: Sat, 16 Jul 2022 02:22:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0d16b6e826f3fa6acb28a407bd59f04a"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Jul 2022 02:33:40 GMT

GET
H2 200 hbw_master_298309_4139.js Show response
player.adtelligent.com/prebidlink/460538/ 121 KB
30 KB 40ms
40ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebid/wrapper_hb_298309_4139.js?cb=19189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 04027cdf264306048b3a831567cfdc1767f5b4aac179a2cc302971819bb6fccc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Fri, 15 Jul 2022 13:58:53 GMT
server: nginx
etag: W/"62d1729d-1e321"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 18 Jul 2022 02:22:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 143ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be507956ae129681d402d7dbf759ea08548a190301fa54fa2a6286347e64a3b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28355
x-xss-protection: 0
server: sffe
etag: "1274 / 920 of 1000 / last-modified: 1657922915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0724 171 KB
26 KB 145ms
144ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:37 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0724 198 KB
69 KB 217ms
72ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0724 103 KB
39 KB 129ms
49ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4278c7c1497524cc5ed603a391f335486caca0a63e8b097f1dc8f6e3e87a76ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40269
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H2 200 modules.575e0da598e3619bac00.js Show response
script.hotjar.com/ 245 KB
63 KB 153ms
57ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.575e0da598e3619bac00.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

d5f78d77eeffb449e68105d7f5ce8209e7e1e079a50aba03bd9bdd72b6d2b4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43821
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64440
access-control-allow-origin: *
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
etag: "f254f3c0a1156c8c956c20699886d859"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: C3K_-7dD7FQ0FfN6Js3am4G2Jd9ZX58EXlzF0DDoNDmsc4hWaQsRYA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
38ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWKM5Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1010
date: Sat, 16 Jul 2022 02:05:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Jul 2022 04:05:38 GMT

GET
H2 200 hb_298309_4139.js Show response
player.adtelligent.com/prebidlink/ex19189/ 360 KB
112 KB 33ms
33ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ebfd5cc8290373a6b594e340a5c524cc3aace79843dc06232db0d7c05004f408

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Tue, 12 Jul 2022 20:49:01 GMT
server: nginx
etag: W/"62cdde3d-5a0ba"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 18 Jul 2022 02:22:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9111367348737651&plah=1plus1.ua&bust=31068418

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958ea524788a7b3edbea2733e90ab10e62161108dd25ea0b6758e6ec81cba4cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122501
x-xss-protection: 0
server: cafe
etag: 4901003529093399309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 930C 10 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 05:51:52 GMT
etag: 10429905676100781186
expires: Fri, 29 Jul 2022 05:51:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 152 B
417 B 222ms
29ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 78f41a9fa63f80a45ca282d8a5d85cbe5feaaaa73260e59f7f76093aa7f207d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 152

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
426 B 221ms
28ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=298309&site_id=4139&full_page_url=https%3A%2F%2F1plus1.ua%2F&adid=n9ke2f.nl&features=16416&vpbv=N067&lifecycle_tte=1249
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/46506/ Frame D5AA 738 B
510 B 46ms
46ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sat, 16 Jul 2022 02:22:27 GMT
etag: W/"62824272-2e2"
expires: Fri, 07 Jul 2023 08:26:19 GMT
last-modified: Mon, 16 May 2022 12:24:18 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-07-06T08:26:19+00:00
x-id: fr5-up-gc29

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/46506/ 23 KB
8 KB 48ms
48ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:15 GMT
server: nginx
etag: W/"6282426f-5d41"
vary: Accept-Encoding
x-cached-since: 2022-07-04T08:28:32+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 05 Jul 2023 08:28:32 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/46506/ 75 KB
20 KB 52ms
52ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 12:24:04 GMT
server: nginx
etag: W/"62824264-12c39"
vary: Accept-Encoding
x-cached-since: 2022-07-06T08:26:24+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Fri, 07 Jul 2023 08:26:24 GMT

GET
H3 200 pubads_impl_2022071101.js Show response
securepubads.g.doubleclick.net/gpt/ 375 KB
128 KB 126ms
40ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131021
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 08:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jul 2023 22:10:18 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 157 B
742 B 149ms
50ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=1plus1.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ 108 KB
33 KB 215ms
160ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=&l=ua&f=0&auth=1&login_profile=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:35 GMT

GET
H2 200 piwik.php
assay.1plus1.ua/ 43 B
145 B 82ms
81ms Image
image/gif 195.137.240.12
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assay.1plus1.ua/piwik.php?action_name=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&idsite=2&rec=1&r=037396&h=2&m=22&s=27&url=https%3A%2F%2F1plus1.ua%2F&_id=76671aaf7d51d7a7&_idts=1657938148&_idvc=1&_idn=0&_refts=0&_viewts=1657938148&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=244

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

195.137.240.12 , Ukraine, ASN29389 (ASN-UNIAN, UA),

Reverse DNS

assay.1plus1.ua

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: none
server: nginx
content-length: 43
x-frame-options: SAMEORIGIN
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 151ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1plus1.ua&callback=_gfp_s_&client=ca-pub-9111367348737651

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9111367348737651&plah=1plus1.ua&bust=31068418

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

0f928b2d352c19a2ee92bef4966d9bbcbd73894d3fea60f128579c1790f94950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 201ms
49ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 151ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=DIV&cls=cookies%20open&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1plus1.ua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8540 603 B
68 B 147ms
58ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9111367348737651&output=html&adk=1812271804&adf=3025194257&lmt=1657938147&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1plus1.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657938147675&bpp=3&bdt=599&idt=143&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3571859317606&frm=20&pv=2&ga_vid=836394917.1657938148&ga_sid=1657938148&ga_hid=1065207403&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067528%2C31067983%2C31068196%2C31068418%2C42531606&oid=2&pvsid=2832515476977366&tmod=507792962&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=166

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 16 Jul 2022 02:22:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame C266 2 KB
1 KB 140ms
40ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1437498.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 43821
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-cf-id: -nE7HEs4uaV-juGR7D4racQVP4kEO84N88FW2yOgFh4PXtqcjU79GA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0724 898 B
2 KB 95ms
95ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1657938147911
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 79fedb60d990f49ddc96ec710f7105bf86ea8e3e8478b307e855e80d7ff85305

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0724 127 KB
47 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d44e385c0fad7008b20e4859ffa28f5bb0290c2870a738f2adcb3b3a1d6880cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:22:27 GMT

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 285 B
552 B 33ms
32ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=437381
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 248

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0724 49 KB
20 KB 102ms
33ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1010
date: Sat, 16 Jul 2022 02:05:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Jul 2022 04:05:38 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 278 B
392 B 56ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: cb0e7e3763aba8d4bab6f43dbe3bdd63c814fec07ed53c0443643871a41ef302

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 278
expires: Mon, 15 Aug 2022 02:22:27 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 0F29 5 KB
3 KB 182ms
58ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 5c037e3edf7471e0100f03c97f08d353cdc548781316c267214452824e4b9ac4

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2722
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
etag: PRIVATE7520710249
expires: Mon, 15 Aug 2022 02:22:28 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ad8d0522-0429-4bb8-a21a-84de21f29652

0
407 B

704ms
295ms

Image
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ad8d0522-0429-4bb8-a21a-84de21f29652
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: HTTP/1.1
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: VertaMedia 1.0
Etag: 05d216d9260e7e87
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=ad8d0522-0429-4bb8-a21a-84de21f29652
date: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H2

200

%7Buid%7D
sync.pubwise.io/usersync/adtellsspban/
Redirect Chain

https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D
https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1

43 B
92 B

102ms
102ms

Image
image/gif

147.75.198.217
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 147.75.198.217 Tokyo, Japan, ASN54825 (PACKET, US),
Reverse DNS: sync-1
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
server: nginx

Redirect headers

location: https://sync.pubwise.io/usersync/adtellsspban/%7Buid%7D?zcc=1
date: Sat, 16 Jul 2022 02:22:28 GMT
server: nginx
content-type: text/html

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0724 108 KB
33 KB 234ms
145ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1657938147911
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:35 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 300 KB
86 KB 88ms
45ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=9d3fc4b3efb1146c2ed2c817da65b1b3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a401c6c6f61a160dcc701972266497637630b0988568f25ca2efcaaa3a432709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fcHz4urGnL2zvStKplejzw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87600
x-fb-rlafr: 0
x-fb-debug: eJiK00Z9cZ2HNmBS1i0dctOmA42n3RKiz42S5NIj9XHT+KDk55GjpbEMz6yI6cN5tkUfFrvOHcSpdAcMO0fJAA==
x-fb-content-md5: 4a15468e190e7c9ffcbbdec04dde4c4a
x-frame-options: DENY
date: Sat, 16 Jul 2022 02:22:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1efaeeeacfaf2fc88cc416ffa38c5c48"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 15 Jul 2023 20:34:30 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 107ms
35ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1065207403&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1140486098&gjid=1238307682&cid=836394917.1657938148&tid=UA-22507043-9&_gid=928627624.1657938148&_r=1&gtm=2wg7d0PWKM5Z&z=942289390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 104ms
35ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1065207403&t=pageview&_s=1&dl=https%3A%2F%2F1plus1.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%D1%83%201%2B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=162910450&gjid=906194132&cid=836394917.1657938148&tid=UA-113262294-1&_gid=928627624.1657938148&_r=1&gtm=2wg7d0PWKM5Z&z=1285436139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 78ms
77ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Mon, 02 Jul 2018 17:27:05 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5b3a6069-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1657938148158/
Redirect Chain

https://gaua.hit.gemius.pl/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2...
https://gaua.hit.gemius.pl/__/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.u...

169 B
425 B

87ms
87ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=bU8bXwPeWe3zttO_y9288eZJ4wbfH49f6HKy9ic4FlD.B7yw_rbbjHB9mt1Z_6oZaFRCovGQ_Gb.3T_HF5MB7dfXwACm/pB6yfcOrVxwHX/&ltime=203&fpdata=g4HFa6qCliwpL45qpra7sFKcS0U2FSlAAKNn8p_M_mP.O7&fpcap=
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 308d1c3bbfac1ba84cd0b5d0aac40cdd95e130bbe817813b796c71afb7e2e6ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Fri, 15 Jul 2022 02:22:28 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1657938148158/rexdot.js?l=100&id=AjrqKCOxP8PKBji0fzFPYcU1XmENAbtLwaFZEcN9oWn.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F1plus1.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=bU8bXwPeWe3zttO_y9288eZJ4wbfH49f6HKy9ic4FlD.B7yw_rbbjHB9mt1Z_6oZaFRCovGQ_Gb.3T_HF5MB7dfXwACm/pB6yfcOrVxwHX/&ltime=203&fpdata=g4HFa6qCliwpL45qpra7sFKcS0U2FSlAAKNn8p_M_mP.O7&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Fri, 15 Jul 2022 02:22:28 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ 56 KB
9 KB 81ms
80ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t164373979490
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:22:28 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 925 B
994 B 144ms
50ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/298308/ 4 KB
2 KB 89ms
31ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/298308/config.json?cb=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3af053c9461cab6ac82ebcf749fd62e62421b330ac4ae4dd12558ca0fe43b0e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
last-modified: Thu, 14 Jul 2022 00:02:12 GMT
server: nginx
etag: W/"62cf5d04-1176"
content-type: application/json
access-control-allow-origin: https://1plus1.ua
expires: Mon, 18 Jul 2022 02:22:28 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 120ms
40ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22507043-9&cid=836394917.1657938148&jid=1140486098&gjid=1238307682&_gid=928627624.1657938148&_u=YAhAAEAAAAAAAC~&z=624168286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 16 Jul 2022 02:22:28 GMT
content-type: text/plain
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 136ms
50ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 131ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 185 KB
50 KB 350ms
350ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2832515476977366&correlator=836425863542912&eid=31068159%2C31068457%2C31068460%2C44768686%2C31061166%2C42531606&output=ldjh&gdfp_req=1&vrg=2022071101&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2CWeb_Interstitual&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=2910912907&sfv=1-0-38&ecs=20220716&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie=ID%3D743aeeee4a031cbe-2200140bcfcd00a6%3AT%3D1657938148%3ART%3D1657938148%3AS%3DALNI_MbNWEey-R0fZ1yOpGW29KTYb6DSsg&abxe=1&dt=1657938148260&lmt=1657938148&dlt=1657938147076&idt=1124&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=836394917.1657938148&ga_sid=1657938148&ga_hid=1065207403&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

aca88c77db657855a53897ba6fa046fc402c7cb020a751a8ba9c41cecd6ac150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50795
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D3A 6 KB
4 KB 176ms
51ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sun, 16 Jul 2023 02:22:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022071101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 42ms
42ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022071101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

142df9a221a555d9b282174a8b66fdeeaeb33e23fbe5e8eb4ada06ce25851b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 10:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13568
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 08:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 11 Jul 2023 10:39:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t164373979490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 02:15:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:28 GMT

POST
H2 200 i Show response
ads.adnuntius.delivery/ 7 KB
2 KB 448ms
305ms XHR
application/json 2606:4700:3030::6815:5525
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json&consentString=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5525 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc4309a869cde21cc30a3f1bcf0054598f38e2e3302f5918ada4ab71abed0fc

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: 43b8857fd7a03930199113f08040cd7d
x-adn-backend-server-id: s7d6db9a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1237
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi7Ix4yppj6dFv3YMKRU9EiyivRJqv1aFt6ZK64NjsJEzQ%2FpmUREL3lkYq8mhrmBXfcc4b7HB3gQQwz4Kj58YORHNUnrH0bTUrxlK82eoItuQgEl2oLiVoHrs1RGLWC5d1fGXcIG3sNyNU7bZaMgNvFXvXju"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 72b745340e7559bf-MXP
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 179 B
524 B 164ms
61ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2F1plus1.ua%2F&CanonicalUrl=https%3A%2F%2Fm.1plus1.ua%2F&PublisherDomain=https%3A%2F%2F1plus1.ua

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

bc905b60ec328e6967db6be1a6319ab9ca7646d292f9d43bd63baa9e4d478303

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1plus1.ua
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 179
expires: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 975 B
1 KB 139ms
44ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

0990a71f0b3cb5ce0ad9c0848fdeff8ab463a7efa2ede2366046ad42ad682328

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 975
X-Xss-Protection: 0

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 8 KB
3 KB 283ms
169ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F1plus1.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=85d0e228-05b4-4bc0-b6b7-2ba18702f68f%2C4d00edce-a56a-45f6-9244-c28d638c4111%2Ca8b1814c-c670-4bbe-b66f-6d74fa2b0887%2Cd89d734a-4c2a-476a-a6ad-f89c02b7ef9f%2Ca2ce33e7-3b6b-4349-ba28-e4c1da70ca4c&nocache=1657938148322&gdpr=0&pubcid=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55&schain=1.0%2C1!adtelligent.com%2C298309%2C1%2C%2C%2C&aus=300x250%7C300x600%2C300x250%7C970x250%2C750x250%7C300x600%2C300x250%7C1440x180&divids=div-gpt-ad-1519059092931-2%2Cdiv-gpt-ad-1519059092931-01454233834%2Cdiv-gpt-ad-1519059092931-1%2Cdiv-gpt-ad-1519059092931-0127631346%2Capi-gpt-catfish-wrapper&aucs=%252F82479101%252F1plus1.ua%252F1plus1_300x250_2%2523div-gpt-ad-1519059092931-2%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-0127631346%2C%252F82479101%252F1plus1.ua%252F1plus1_1250x250%2523div-gpt-ad-1519059092931-1%2C%252F82479101%252F1plus1.ua%252F1plus1_300x600%2523div-gpt-ad-1519059092931-0127631346%2C%252F82479101%252F1plus1.ua%252Fcatfish%2523api-gpt-catfish-wrapper&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 80134ebe636f3f0419855cf356a8e87c286de078b7504c4e1990d62ef7e115c1

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://1plus1.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2561
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 3 KB
679 B 31ms
31ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 39e7ad46d37215dc1a92b8cb054787467e232ecf8963952d9558aa598e7f7c45

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 375

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
642 B 156ms
31ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: ea25c23ad0003dc8675fbf7223d08215353d3092c3eaac453c10aaa2d4e55e86

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 16 Jul 2022 02:22:27 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://1plus1.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 338

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
356 B 147ms
45ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://1plus1.ua
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/1plus1.ua/ROS?rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x25...
https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x25...

458 B
868 B

36ms
36ms

XHR
application/json

46.249.52.248
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Server: 46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 2b229fa865eb106077d1b9911b836203ccb3f38a234b07b4f5a7254b6274ae54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://1plus1.ua
expires: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 458
x-sid: AMS-731

Redirect headers

date: Sat, 16 Jul 2022 02:22:28 GMT
server: openresty
access-control-allow-origin: https://1plus1.ua
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/1plus1.ua/ROS?ct=1&r=pbjs&rnd=0.31500275460550187&e=300x250_0%3A300x250%2B300x250_1%3A300x250%2C300x600%2B300x250_2%3A300x250%2C300x600%2B970x250_0%3A970x250%2C750x250%2B1440x180_0%3A1440x180&ur=https%3A%2F%2F1plus1.ua%2F&pbv=6.25.1-c&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2F1plus1.ua%2F&gdpr=0&e_pubcid=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-731

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 3 B
249 B 66ms
65ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8048&sizes=1440x180&referer=https%3A%2F%2F1plus1.ua%2F
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 325 B
1 KB 335ms
91ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&gdpr=0&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=85d0e228-05b4-4bc0-b6b7-2ba18702f68f&l_pb_bid_id=50e44f69b3b9f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.9686486258841873
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5592dbfa89130d94ececbedcaf5d1d9929a20b0c097471932e0a157ecbfd5cd7

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 325
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 341ms
97ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4d00edce-a56a-45f6-9244-c28d638c4111&l_pb_bid_id=5115c92d1fa86d2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&slots=1&rand=0.8879668847003626
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 511fd6c628a19c3fdc4040b78e3c6214780fca54b1c07e863ec9bc8dba031c24

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 337ms
91ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=57&gdpr=0&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=a8b1814c-c670-4bbe-b66f-6d74fa2b0887&l_pb_bid_id=52d08a4c4218e05&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.8500901224162827
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 23f331359de0e845064fa1129d6ed9475df6239845db5d2a1dd6f31699900473

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 352 B
1 KB 342ms
97ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&gdpr=0&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d89d734a-4c2a-476a-a6ad-f89c02b7ef9f&l_pb_bid_id=53b9f87ef976fa6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&slots=1&rand=0.3960539548090358
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b22bb244d60d81ab4d4611b71bc9ad3dabf57d542be4c6dbb895d5bdc72e0e75

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 352
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 188ms
61ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Sat, 16 Jul 2022 02:22:28 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
211 B 119ms
35ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=65296520097

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
271 B 122ms
38ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 612 B
1 KB 290ms
191ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3a9986123f85baf58020eb48713941ec749aae9e64147f64ac637088294b4e42

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 71fbb3d6-bd45-4ef7-aa34-c28fb934ee67
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
210 B 118ms
37ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=66209905370

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 16 Jul 2022 02:22:27 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://1plus1.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 324 B
1 KB 337ms
100ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=85d0e228-05b4-4bc0-b6b7-2ba18702f68f&l_pb_bid_id=93f7eb768863a58&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x250_2%23div-gpt-ad-1519059092931-2&slots=1&rand=0.8034831005625049
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 91de3383f4d414607a4246729b96b78eae0baf354f07d1a2bdf053750b644efe

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 324
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
1 KB 346ms
109ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=4d00edce-a56a-45f6-9244-c28d638c4111&l_pb_bid_id=949bbbc71df5345&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&slots=1&rand=0.8545522382730615
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1148cea90d831ff802c5113203371d2bbec7fe86d0f64c819c986891a21889c7

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 351
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 435ms
103ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=a8b1814c-c670-4bbe-b66f-6d74fa2b0887&l_pb_bid_id=95c3e9915f722d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_1250x250%23div-gpt-ad-1519059092931-1&slots=1&rand=0.8360970921212423
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7a27f41b89121812af5d5e0970bc3f6c861170d0c6260731c1e485170f5feb6e

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
1 KB 443ms
111ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1767304&size_id=15&alt_size_ids=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55%5E1&rf=https%3A%2F%2F1plus1.ua%2F&tg_i.pbadslot=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d89d734a-4c2a-476a-a6ad-f89c02b7ef9f&l_pb_bid_id=969a33309cb8b24&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F82479101%2F1plus1.ua%2F1plus1_300x600%23div-gpt-ad-1519059092931-0127631346&slots=1&rand=0.689096896271137
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a9e04d460cd99d565537389bb0621fd8c76e4d09e200e84224b0bfe43226f3f0

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://1plus1.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 351
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame 2842 3 KB
1 KB 73ms
73ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 16 Jul 2022 02:22:28 GMT
etag: W/"5b310391-b5f"
last-modified: Mon, 25 Jun 2018 15:00:33 GMT
server: nginx/1.18.0

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 151ms
42ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1834787353214372&ev=fb_page_view&dl=https%3A%2F%2F1plus1.ua%2F&rl=&if=false&ts=1657938148353&sw=1600&sh=1200&at=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0724 56 KB
9 KB 80ms
80ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t940845973682
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Apr 2021 11:47:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:22:28 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 397 KB
148 KB 155ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Origin: https://1plus1.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 03:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 03:24:32 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 0724 925 B
602 B 144ms
50ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 146ms
53ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=836394917.1657938148&jid=1140486098&_u=YAhAAEAAAAAAAC~&z=1435435634

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 148ms
54ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22507043-9&cid=836394917.1657938148&jid=1140486098&_u=YAhAAEAAAAAAAC~&z=1435435634

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0724 5 KB
667 B 134ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t940845973682

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 02:12:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
131 B 247ms
88ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=8CEAFDC712AC4DC6A1CB600302E32C24&time=1657938148172&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=82364937&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 16 Jul 2022 02:22:28 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
230 B 74ms
73ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=8CEAFDC712AC4DC6A1CB600302E32C24&time=1657938148474
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
cache-control: no-cache
server: nginx/1.18.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0724 397 KB
147 KB 118ms
117ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 03:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 03:24:32 GMT

GET
H3 200 container.html Show response
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D0A 6 KB
3 KB 122ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sun, 16 Jul 2023 02:22:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0724 153 KB
53 KB 74ms
73ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:20:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7D0A 2 KB
539 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 01:56:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 64B9 8 KB
893 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 01:51:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 64B9 2 KB
983 B 175ms
85ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:14:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 64B9 21 KB
9 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:14:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 64B9 3 KB
1 KB 176ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:15:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64B9 138 KB
42 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 64B9 17 KB
7 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:04:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 64B9 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSRkl53hDwEk1ytyFXpIKkSxIFlIYwWFYL4wltRU3Tr8u2dMQ_BC6g6seEw5Mm_NS93mXoHtHBwg4uTCgh1ulNYou7bw
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 9fbfea14cd545ec81bc54d3c558bfb70.js Show response
www.gstatic.com/mysidia/ Frame 64B9 31 KB
13 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 00:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13103
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:20:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 10 Oct 2022 00:40:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 7D0A 19 KB
8 KB 136ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 00:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 00:12:59 GMT

GET
H3 200 more_vert_white_48dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D0A 233 B
257 B 128ms
52ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/more_vert_white_48dp.png

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:44:55 GMT
x-content-type-options: nosniff
age: 34653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Jul 2023 16:44:55 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D0A 205 B
229 B 130ms
54ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 01:21:11 GMT
x-content-type-options: nosniff
age: 3677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jul 2023 01:21:11 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7D0A 604 B
628 B 127ms
51ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:11 GMT
x-content-type-options: nosniff
age: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jul 2023 02:22:11 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0724 475 KB
476 KB 79ms
78ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:28 GMT

GET
DATA 200
OK truncated
/ Frame 0724 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0724 24 KB
25 KB 131ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 20:10:55 GMT
x-content-type-options: nosniff
age: 367893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 20:10:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0724 44 KB
44 KB 170ms
82ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 355819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 23:32:09 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0724 22 KB
6 KB 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Sat, 16 Jul 2022 14:22:28 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0724 2 KB
1 KB 101ms
101ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t1265291183530
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 0a020c62f8fd598e3213ebb678717344f4870bdf0c29f58cdbeac4234f4bc546

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 0724 50 KB
13 KB 57ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 2cb0ec77d4a1357c426f57e0902f8e2dca5ba6c33937990a15be829288d4823e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 13494
expires: Sat, 16 Jul 2022 14:22:28 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 0724 33 KB
13 KB 73ms
73ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:30 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:17:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0724 373 KB
125 KB 167ms
55ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127042
x-xss-protection: 0
expires: Sat, 16 Jul 2022 02:22:29 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0724 84 KB
84 KB 139ms
137ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85922
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:29 GMT
expires: Sat, 23 Jul 2022 02:22:29 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0724 9 KB
9 KB 116ms
113ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/172/200x335.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Fri, 27 Oct 2017 06:55:21 GMT
server: nginx
etag: "0f22fa88b853950fb893bc821641989a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:28 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0724 82 KB
83 KB 127ms
125ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 84258
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:28 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0724 77 KB
78 KB 172ms
169ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 79302
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:29 GMT
expires: Sat, 23 Jul 2022 02:22:29 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0724 91 KB
91 KB 118ms
116ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93213
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:28 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0724 73 KB
73 KB 171ms
170ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 74890
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:29 GMT
expires: Sat, 23 Jul 2022 02:22:29 GMT

GET
H2 200 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0724 21 KB
22 KB 136ms
135ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Mon, 04 Jan 2021 09:14:05 GMT
server: nginx
etag: "327c4784d853ead9eb1f0309f353b8d9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21916
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:29 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0724 10 KB
10 KB 115ms
114ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Fri, 27 Oct 2017 06:57:22 GMT
server: nginx
etag: "0d77b2184841ac8a117fae5b4a32808f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9804
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:28 GMT
expires: Sat, 23 Jul 2022 02:22:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8404 1 KB
749 B 45ms
44ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 06:04:26 GMT
etag: 48472445140208031
expires: Sat, 16 Jul 2022 06:04:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 0724 281 B
353 B 57ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 1ebf61ba37ace596f6836cb88dd3021af226b5399779bae28fe12ed6e039b465

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:28 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Mon, 15 Aug 2022 02:22:28 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame FE53 5 KB
3 KB 56ms
56ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 3f75a7301544fdaaf94086082b8b62b9f9ce4dcfae60ba07cb025f62b7e6eb2f

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2716
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
etag: PRIVATE7520710249
expires: Mon, 15 Aug 2022 02:22:28 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8404 35 B
462 B 174ms
41ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAaaRbcXFrqDQ1tPJUOLhtk&google_cver=1&google_push=AehlK4AiTzf3ngiEyPNIFWfYkvnSJh2bqyx2rm3kQA1EcdU04JfUQnG9FfQQ0TOz14cKOupCvWlt6Xr67vLoq6OBbMtbGyHVMmcB

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8404
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELfSXUoqhHDpZsh5kTmzYGw&google_cver=1&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCz...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCzusfdlvAistcj

170 B
329 B

114ms
113ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCzusfdlvAistcj

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 16 Jul 2022 02:22:29 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AthT-HRQWG5c3tbyUrNcvvKNxM6KyiBCiDWOtN740cmmlviM3k_FkPJUczcYc9iDB417FXZaHLlaUwFDCzusfdlvAistcj
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 16 Jul 2022 02:22:28 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8404
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDoJ9B4PFjdrFjpVoMuqH_Q&google_push=AehlK4CnOSiq1PFtF6GaQlq08SWf__wYSPfNKcl4rIQUBgrGAp45-x4A1G...

170 B
188 B

140ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDoJ9B4PFjdrFjpVoMuqH_Q&google_push=AehlK4CnOSiq1PFtF6GaQlq08SWf__wYSPfNKcl4rIQUBgrGAp45-x4A1GdMS8ipxKWGA6QTm2ZK9vc7PQTudl13oQlQZFIkwy6A

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1657938149.089794,VS0,VE80
x-served-by: cache-lcy19229-LCY
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDoJ9B4PFjdrFjpVoMuqH_Q&google_push=AehlK4CnOSiq1PFtF6GaQlq08SWf__wYSPfNKcl4rIQUBgrGAp45-x4A1GdMS8ipxKWGA6QTm2ZK9vc7PQTudl13oQlQZFIkwy6A
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8404
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKgkLrea0kC3fIIv8rmdsv0&google_cver=1&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr73WEIcO8jGel-e
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr7...

170 B
188 B

142ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr73WEIcO8jGel-e

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 16 Jul 2022 02:22:29 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4AI_-HP5fS06vk0k3Uq1fUl08_mr1BtBC-OpP784KHqFhW3UuSSHRjLFChhzNxxVZTC4VxD6MUpOJVzKr73WEIcO8jGel-e
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 15 Jul 2022 02:22:29 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 8404 43 B
577 B 186ms
48ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOAnp1y544V4foAoQtPhBHc&google_cver=1&google_push=AehlK4Ai6dUS6DyNHbiVSloEKqKNr92ygP639MM7UuHUBQ30Y-knG4sFEVzb2kdUl11t9N3OPQscsMX8pQ828i22Wt37-1IbFco

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Jul 2022 02:22:29 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8404 0
166 B 236ms
31ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPej_lSt4vEA9SaE7C-YIWU&google_cver=1&google_push=AehlK4BMgemFKDQq1VGtZD83MPJ7FYxMF2lCgJhyp48cqtH_tTwUDJ2tnPmsjMIvVSu5iIJaR4u5ZSdov6rsEdzmVMnUyFWc2m56
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 8404 43 B
101 B 186ms
49ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEcE1vXTfNk7-MxVpUDtPm8&google_cver=1&google_push=AehlK4C3ZozOreb6LR_-Zth-XckJMPVeX3NICP4Q57dmVFZw-M1dQ5RgYt6sSAKQR2w8-UJzLNLGEOozUQbtqcAN6DPXuVT6M_vmSg

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Jul 2022 02:22:29 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8404 0
232 B 183ms
49ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1ykEIKcgFCuk6rqyDNKuPLWG6fnAfd786j5cuMGfYuFGUN89OgO4Gu3AQ9p1U1vKCaF4elg

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1311 36 KB
14 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 20:45:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 148ms
57ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

474612c771ed61dcbefc6cbf06bb7f91ab2e583ecb4bd6eb17877bd3748a4f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11067
x-xss-protection: 0

POST redot.gif
gaua.hit.gemius.pl/_1657938149152/ Frame 0724 0
0

GET
H/1.1 200
OK E2fzXbha Show response
1plus1.video/video/embed/ Frame 0724 11 KB
6 KB 105ms
104ms Document
text/html 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: f9b09225eeee716c1f859129c051dca496fed4c973a095886bb970b61e01011e

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sat, 16 Jul 2022 02:22:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 337329a5e3fec02712e8d60b21e1412b_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/641/ 30 KB
30 KB 76ms
75ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/641/337329a5e3fec02712e8d60b21e1412b_755x500.jpg?v=1645530002
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Tue, 22 Feb 2022 11:40:02 GMT
server: nginx
etag: "cde866112b4b81b54aa1bd45cc67011d"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 30780
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 00:50:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 f151616dfa4225a5765c58f2fe77ae18_755x500.jpg
images.1plus1.ua/uploads/gallery/000/860/650/ 42 KB
42 KB 78ms
78ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.ua/uploads/gallery/000/860/650/f151616dfa4225a5765c58f2fe77ae18_755x500.jpg?v=1645530034
Requested by: Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
last-modified: Tue, 22 Feb 2022 11:40:34 GMT
server: nginx
etag: "09e423317519e26fcd0c5fc1a026561b"
content-type: image/jpeg
cache-control: max-age=315360000
content-length: 42603
accept-ranges: bytes
x-1p1-cdn: HIT; Sat, 16 Jul 2022 00:50:24 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET bridge3.521.0_uk.html
imasdk.googleapis.com/js/core/ Frame D5C6 0
0

GET client.js
s0.2mdn.net/instream/video/ Frame 0724 0
0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0724 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK ovva.0.3.0.css
1plus1.video/static/player/css/ Frame 0724 171 KB
26 KB 73ms
73ms Stylesheet
text/css 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/css/ovva.0.3.0.css?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Nov 2021 13:08:40 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:37 GMT

GET
H/1.1 200
OK ovva.0.3.0.js Show response
1plus1.video/static/player/js/ Frame 0724 198 KB
69 KB 159ms
158ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: 517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 10:03:07 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:47 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0724 103 KB
39 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4278c7c1497524cc5ed603a391f335486caca0a63e8b097f1dc8f6e3e87a76ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40269
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:22:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 02:22:29 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 58ms
58ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Sat, 16 Jul 2022 02:22:28 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5D4 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 12719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 22:50:30 GMT
expires: Sat, 15 Jul 2023 22:50:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C70 783 B
535 B 52ms
51ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b14c725050dc585b301493c4668a7a89583269c92bcbc246c5e601782ea8aa3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S_8U6FKTgt-e5mz-PD6lFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-S_8U6FKTgt-e5mz-PD6lFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:29 GMT
expires: Sat, 16 Jul 2022 02:22:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame E5D4 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 07:17:56 GMT

GET
H/1.1 200
OK l.js Show response
api.1plus1.video/u/ Frame 0724 898 B
2 KB 89ms
89ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1657938149513
Requested by: Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 068ad721456309f6489020d0e40edfdbca01168f8c37152d9c7bed8125cb8497

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:29 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 0724 127 KB
47 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPC3Q76

Requested by

Host: 1plus1.video
URL: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4dfc0827d50b5a140e70520be9dc20b22bcf433fe5e3128075714092e55e00fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47694
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 16 Jul 2022 02:22:29 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0724 49 KB
20 KB 31ms
30ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104502981-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5033
date: Sat, 16 Jul 2022 00:58:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 16 Jul 2022 02:58:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C70 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=2832515476977366&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK api.auth.0.0.5.js Show response
api.1plus1.video/static/js/ Frame 0724 108 KB
33 KB 74ms
74ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Requested by: Host: api.1plus1.video
URL: https://api.1plus1.video/u/l.js?p=128902&l=ua&f=0&auth=1&login_profile=1&_t=1657938149513
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 11:59:04 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:19:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5D4 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IoVF7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK api.auth.css
api.1plus1.video/static/css/ Frame 0724 56 KB
9 KB 76ms
75ms Stylesheet
text/css 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/css/api.auth.css?_t1504426394657
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 07:12:56 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:22:29 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 0724 925 B
602 B 51ms
51ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/js/api.auth.0.0.5.js?v=73d76d92db9c75a6b613bd1133c735f981a00607

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Sat, 16 Jul 2022 02:22:29 GMT

GET
H3 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 0724 397 KB
147 KB 125ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=__api_auth_recaptcha_on_load__&render=explicit&hl=uk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 03:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150553
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 03:24:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0724 5 KB
667 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Requested by

Host: api.1plus1.video
URL: https://api.1plus1.video/static/css/api.auth.css?_t1504426394657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://api.1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 02:12:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:29 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
1plus1.video/static/player/js/ Frame 0724 153 KB
53 KB 89ms
88ms Script
application/javascript 195.137.240.88
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://1plus1.video/static/player/js/hls.light.min.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.88 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front02.1plus1.ua
Software: nginx /
Resource Hash: bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/video/embed/E2fzXbha?autoplay=0&l=ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Dec 2017 12:35:16 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:20:24 GMT

GET
H2 200 92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
images.1plus1.video/card-5/E2fzXbha/ Frame 0724 475 KB
476 KB 79ms
79ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/card-5/E2fzXbha/92d3195f325a4d45ee303ab9d892d5b3.custom.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Tue, 15 Jun 2021 14:24:37 GMT
server: nginx
etag: "c7be8b09dd21bd3fc4aad93543f193e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 486113
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
DATA 200
OK truncated
/ Frame 0724 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0724 24 KB
24 KB 179ms
56ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 20:10:55 GMT
x-content-type-options: nosniff
age: 367895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 20:10:55 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0724 44 KB
44 KB 162ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=cyrillic-ext,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1plus1.video
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 355821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 23:32:09 GMT

GET
H2 200 gplayer.js Show response
gaua.hit.gemius.pl/ Frame 0724 22 KB
6 KB 58ms
58ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gplayer.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 5978
expires: Sat, 16 Jul 2022 14:22:30 GMT

GET
H/1.1 200
OK 128902 Show response
api.1plus1.video/v2/ua/recommendation_projects/ Frame 0724 2 KB
1 KB 117ms
117ms XHR
application/json 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/v2/ua/recommendation_projects/128902?cid=E2fzXbha&vct=3&_t634516725230
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 1f91f5ec38f54d6fb2ddaeb53ef0b8b6e1d9bd2db00b5f3ce5ac10856160d8de

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://1plus1.video
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=2832515476977366&bg=!AgGlAUXNAAaYcLjmuHA7ACkAdvg8WgauVC3HIcfsEXdlqCw9xlu54qjH_0MzN9aJK4E_r6UHdQWIeQIAAAByUgAAAANoAQeZApKaYiBYL0OotSdXSquA9PJ8BJ_PekLROfMRSOPUfk7VmwCiqp8ItZhbIcacz9rz6Jkvz0LjgzGRfUiHU96mrNxmfuA0PC0ridbFzz7i_jDqUy1weGjt2GL87hDVVY3gcO9ttii9gEMJoaVudr0rxMgVYRv8xXuce0PFqZJWJZ-Z1lfe8rB4GihyKYdGSvYcN0EKNTMJpMqbfREtw0aCpCqCTrUO7qymwUsRfnn9UQDkoji3DWvpE6X7JjtZaoIS88sbjxjsWTuwEZNBa4l9z3fuIzRaDaKmUDaS1Ir_d-kTol-OJ3EdmpEo_PHV8GfrBMeYWojCoMTxtyQwHyoyQAQM40oGEJWxGMXR1oJf7rtlnt0yMiXNmvoycUKgUulCetuEQn1JBezb9V7LPlG0mmTgyVoeMT4SZuG3xVmwA5GKhC8sMuyiNGl8dvKIGpXPIqM6NdEX49GKIdSvFIqqTgZuTtSlNGpwUam0bg-MjDyzdR7oiwPIxz0tqBPLRQPoZmooKumY9gS0Ktdz-DQHysCCDax-PeWaNMuzfG_25V1VpzWn5mvlY33YE6FjS5zya7yfmkJlyITz45m8hqbYYaQsaZSWLGhTZrDhmMzxXSItKspbqb5HEwMGQUDoX9qaz1Gq4i9P_m9BaTGrIfgSoKNlRAfdgmZc2vCwh7gwezEX4vDbtfkKI9PyWKYFKr6YqQtwH3RdUBHBY0Kk0YMaXuIC4rB8hq4F7reK9fjfvoknLwSpeSsgYYOEfOanAj3HtKdZKKU6CEuF8McNOJbUlt5UrJEAXSs5n2YXqp4n4Zc291HyElPeXE0_2Mk1T8HdcRhwtJBoJyyfFpKbcLBexUqLWN8eMpLykfjYWMsRR9t3Br18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 gemiuslib.js Show response
gaua.hit.gemius.pl/ Frame 0724 50 KB
13 KB 61ms
60ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/gemiuslib.js
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 2cb0ec77d4a1357c426f57e0902f8e2dca5ba6c33937990a15be829288d4823e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 16:52:19 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 13494
expires: Sat, 16 Jul 2022 14:22:30 GMT

GET
H/1.1 200
OK api.chat.0.0.1.js Show response
api.1plus1.video/static/js/ Frame 0724 33 KB
13 KB 82ms
82ms Script
application/javascript 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/static/js/api.chat.0.0.1.js
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 02:22:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 14:15:45 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Mon, 15 Aug 2022 02:22:30 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0724 373 KB
124 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127042
x-xss-protection: 0
expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H2 200 f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
images.1plus1.video/playlist-1/118669/ Frame 0724 84 KB
84 KB 94ms
93ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/118669/f0ee1990bc109bdc1d80ced614848fbe.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Thu, 23 Sep 2021 09:37:45 GMT
server: nginx
etag: "cd80b64d6e8b1fb3fb0449e270085489"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 85922
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
images.1plus1.video/playlist-1/5589/ Frame 0724 82 KB
83 KB 83ms
83ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/5589/580fc007f314b6c7a87ec2f320914a1a.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Wed, 26 Jan 2022 08:14:28 GMT
server: nginx
etag: "3917fa01fa34fdfd43db5b1c15071af1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 84258
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 e2811c3b984e91c24e364696bb27bc38.220x330.jpg
images.1plus1.video/playlist-1/93/ Frame 0724 73 KB
73 KB 110ms
110ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/93/e2811c3b984e91c24e364696bb27bc38.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Sat, 30 Oct 2021 07:14:20 GMT
server: nginx
etag: "a24e7612ca888c6a3f26a9c9ad42fb7a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 74890
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 220x330.jpg
images.1plus1.video/playlist-1/3093/ Frame 0724 10 KB
10 KB 91ms
90ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3093/220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Fri, 27 Oct 2017 06:57:22 GMT
server: nginx
etag: "0d77b2184841ac8a117fae5b4a32808f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9804
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 08889206d0bc6f22496fd04b86041fed.220x330.jpg
images.1plus1.video/playlist-1/326/ Frame 0724 91 KB
91 KB 92ms
92ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/326/08889206d0bc6f22496fd04b86041fed.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Sat, 13 Feb 2021 11:59:34 GMT
server: nginx
etag: "70c7ed91bbef141e65887484066b2093"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 93213
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
images.1plus1.video/playlist-1/3467/ Frame 0724 21 KB
22 KB 115ms
115ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/3467/370c2b73c5a49b7670bbcbdc1171051f.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Mon, 04 Jan 2021 09:14:05 GMT
server: nginx
etag: "327c4784d853ead9eb1f0309f353b8d9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 21916
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
images.1plus1.video/playlist-1/101800/ Frame 0724 77 KB
78 KB 117ms
117ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/101800/fa026e772cfd5e39f5c43fb03bea1247.220x330.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Thu, 23 Sep 2021 09:32:32 GMT
server: nginx
etag: "1ac7c7bca48ad0b6bf49709fb825bd52"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 79302
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 200x335.jpg
images.1plus1.video/playlist-1/172/ Frame 0724 9 KB
9 KB 88ms
88ms Image
image/jpeg 195.137.240.21
ASN-UNIAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.1plus1.video/playlist-1/172/200x335.jpg
Requested by: Host: 1plus1.video
URL: https://1plus1.video/static/player/js/ovva.0.3.0.js?v=73d76d92db9c75a6b613bd1133c735f981a00607
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.137.240.21 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: images.1plus1.ua
Software: nginx /
Resource Hash: 3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Fri, 27 Oct 2017 06:55:21 GMT
server: nginx
etag: "0f22fa88b853950fb893bc821641989a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 9066
accept-ranges: bytes
x-1p1-cdn: BYPASS; Sat, 16 Jul 2022 02:22:30 GMT
expires: Sat, 23 Jul 2022 02:22:30 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ Frame 0724 281 B
353 B 57ms
56ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=1plus1.video
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: e420fe96fd012b70bc6c29971edde31d417346e6f683936a2fd03b5c454d13c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Mon, 15 Aug 2022 02:22:30 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1608 5 KB
3 KB 56ms
56ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 3e85d2ef5d5a896cb9d1d50537ddbfc37b3f3ae1f051a165a48ed4bed05a7dba

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2715
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:30 GMT
etag: PRIVATE7520710249
expires: Mon, 15 Aug 2022 02:22:30 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 69ms
69ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 67ms
67ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 156 KB
49 KB 449ms
448ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2832515476977366&correlator=2797272998540040&eid=31068159%2C31068457%2C31068460%2C44768686%2C31061166%2C42531606&output=ldjh&gdfp_req=1&vrg=2022071101&ptt=17&impl=fifs&iu_parts=82479101%2C1plus1.ua%2C1plus1_300x250_2%2C1plus1_300x600%2C1plus1_1250x250%2Ccatfish&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F3%2C%2F0%2F1%2F5&prev_iu_szs=300x250%2C300x600%7C300x250%2C970x250%7C750x250%2C300x600%7C300x250%2C1440x180&ifi=3&adks=695559250%2C3808000600%2C3836652839%2C2036786859%2C2198103003&sfv=1-0-38&ecs=20220716&fsapi=false&prev_scp=Project_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DMain%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3DOther%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7CProject_1plus1%3Dother%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D743aeeee4a031cbe%3AT%3D1657938148%3AS%3DALNI_MYCE_UIgAlnq_4DSHAUDdAdLG4SiA&abxe=1&dt=1657938150330&lmt=1657938150&dlt=1657938147076&idt=1124&adxs=299%2C983%2C315%2C983%2C80&adys=692%2C2395%2C4450%2C5019%2C1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2F1plus1.ua%2F&frm=20&vis=1&psz=314x0%7C300x0%7C1176x120%7C300x0%7C1600x-1&msz=314x0%7C300x0%7C1176x0%7C300x0%7C1600x-1&fws=0%2C0%2C0%2C0%2C512&ohw=0%2C0%2C0%2C0%2C0&ga_vid=836394917.1657938148&ga_sid=1657938148&ga_hid=1065207403&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

8188ec1e8a570a8a90e580d3ecfc1cf7c716669875d5cfa23574730d5d1ffc40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50496
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 184ms
61ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Jul 2022 02:22:30 GMT

GET
H3 200 bridge3.521.0_uk.html Show response
imasdk.googleapis.com/js/core/ Frame 38D2 633 KB
205 KB 42ms
41ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.521.0_uk.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3429242792bca181adf72270f1e3f7dfa931e684c12d1295df5a14867cc50446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.video/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 381742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209431
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 16:20:08 GMT
expires: Tue, 11 Jul 2023 16:20:08 GMT
last-modified: Mon, 04 Jul 2022 16:05:25 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0724 44 KB
16 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0724 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1plus1.video

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 redot.js Show response
gaua.hit.gemius.pl/_1657938150455/ Frame 0724 2 B
200 B 58ms
57ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/_1657938150455/redot.js?l=107&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1657938150837%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fautoplay%3D0%26l%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400&vis=1&lsdata=k7EnVY2s66oqRBPN34qyCVUgI6jV1YfRBd0N0I6vYoX.v7f1ZnPZyB7sj4olHFfv0vcp7LNE.5oMqvB.pwMNWKPemE2v/5cFfPqWu_BcT8/&ltime=99&fpdata=-TURNEDOFF
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/gemiuslib.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.video/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Fri, 15 Jul 2022 02:22:30 GMT

GET
DATA 200
OK truncated
/ Frame 38D2 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.521.0&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.521.0&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.521.0&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=thirdparty&ctv=0&lid=6&sdkv=h.3.521.0&e=44731964%2C44752657%2C44754420%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.952396645735325&time=1657938150520&lid=43&sdkv=h.3.521.0&e=44731964%2C44752657%2C44754420%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
api.1plus1.video/home/vmap/ Frame 38D2 750 B
1 KB 101ms
100ms XHR
application/xml 195.137.240.108
ASN-UNIAN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.1plus1.video/home/vmap/?s=1plus1.ua&r=YUhSMGNITTZMeTh4Y0d4MWN6RXVkV0V2&w=665&h=400&c=E2fzXbha&d=web&p1v=0&pid=128902
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_uk.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 195.137.240.108 , Ukraine, ASN29389 (ASN-UNIAN, UA),
Reverse DNS: front03.1plus1.ua
Software: nginx /
Resource Hash: 1bdd42a8be0dcd6021774c2e0a0f6b8275bad01f6a8c552017efebc24a6a0373

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/xml
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 84ms
84ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1657938150525&timeout=f&logid=0.952396645735325&timediff=5&lid=43&sdkv=h.3.521.0&e=44731964%2C44752657%2C44754420%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 84ms
83ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.521.0&e=44731964%2C44752657%2C44754420%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 34B0 15 KB
6 KB 178ms
57ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=1plus1.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:30 GMT
server-processing-duration-in-ticks: 3669
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 245ms
116ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:33 GMT
server: nginx
etag: W/"62bbefe5-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Jul 2022 02:22:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38D2 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?vmap=t&lid=115&sdkv=h.3.521.0&e=44731964%2C44752657%2C44754420%2C44760950%2C44761692%2C44762904&id=ima_html5&c=4157016490440908&domain=1plus1.video

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 34B0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=1plus1.ua&sn=ChromeSyncframe&so=0&topUrl=1plus1.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=2UZMGnxoR3lJT2xZNWx6dHdDSkVNL1hkSmNmYkFSWHl0dnkzVWsyTVBLY2pRb25hUnBIQ1pJTmdZdE1zZmNSclZPT2ZzYTExbmlleDhOK0FHNyt0U2VhU1RiTElkS1crK2t5UFVLSzJINSszdEpDaGdsZzRiR0VxdlIxTk...

428 B
633 B

119ms
39ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=2UZMGnxoR3lJT2xZNWx6dHdDSkVNL1hkSmNmYkFSWHl0dnkzVWsyTVBLY2pRb25hUnBIQ1pJTmdZdE1zZmNSclZPT2ZzYTExbmlleDhOK0FHNyt0U2VhU1RiTElkS1crK2t5UFVLSzJINSszdEpDaGdsZzRiR0VxdlIxTkkzSjVNbmRqKzJWTldLN2lnZDZOMzVTN3hWNG9NNE5SSmgzRitqZ2pSVWJhdWN5d3dyTW8rMGNEOGNaYUp1aG5NSmRaWG1BeERhZTB6ZDc1d3NDYnVYOFN4MTYzUHI2MlZGUzdnTWdqbzE2cnFOaUxXNUp4L1A4UlpQbStEUUtrbHlDZGRHZ1RnMmo5OXpjMFRwb2ZGcVhhRVN6SmhRQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

60fc51ea46895093c19dc65da65fd9364ab45da67a07374ffcb264c5cdcb4975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7025
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:29 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=2UZMGnxoR3lJT2xZNWx6dHdDSkVNL1hkSmNmYkFSWHl0dnkzVWsyTVBLY2pRb25hUnBIQ1pJTmdZdE1zZmNSclZPT2ZzYTExbmlleDhOK0FHNyt0U2VhU1RiTElkS1crK2t5UFVLSzJINSszdEpDaGdsZzRiR0VxdlIxTkkzSjVNbmRqKzJWTldLN2lnZDZOMzVTN3hWNG9NNE5SSmgzRitqZ2pSVWJhdWN5d3dyTW8rMGNEOGNaYUp1aG5NSmRaWG1BeERhZTB6ZDc1d3NDYnVYOFN4MTYzUHI2MlZGUzdnTWdqbzE2cnFOaUxXNUp4L1A4UlpQbStEUUtrbHlDZGRHZ1RnMmo5OXpjMFRwb2ZGcVhhRVN6SmhRQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1429
content-length: 541
expires: 0

GET
H3 200 container.html Show response
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B9A 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sun, 16 Jul 2023 02:22:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D99 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sun, 16 Jul 2023 02:22:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6327 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1plus1.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:28 GMT
expires: Sun, 16 Jul 2023 02:22:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E217 624 B
297 B 52ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhjfk_iwATAB&v=APEucNWGmF9oGfQMh3RufUnpB__LTYs48kcgFp9OcxiFPkKzaB6x4H_xOvDP6bg8fK8HuTTrlNtYbkWTR_iQomR5TO6UMJHoBcH3H3KtmJvzOgUxI5SbnuI_mKWSWD9P6sGpuSLY_PIwQWJy_hK7TD3z521gwKl9HZHzIhJcInH4CsOF8aeQCtc

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2B9A 60 KB
30 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4mBd4d8JL7l8tQdDr4Ouh-8CymhsCUrU4NIih6QBAjGYrw5eSaIdbSnZJhsFC9CcEBjTMXc6JiPdS02dBRMXV0PznPg&cry=1&dbm_d=AKAmf-AvHaFo89ZqyKYm1Mfg-zYEkwTsgjydSYfHoRHQsUK8aq8pDRVA9q7oWbJwbnv-p0fUPkn_WLdTYTnrdVVPrQ83F2xv2fvIfnnN_GbS-zmGsG-Qrhme2mKa7VgHxeiyumjOg4mGeMLnAe1X_EjjDDSeVmXKpjXefStM1GOOUWavUtqmIrWa3a0Zqr--OTwauuudOUS4t9XXpWqxwws-3r0c8G5MsVYtR_eeeDvFbg_wJybL3MLiBcEVADs1E9-peqR8GbYIn8lKNacJEEg4A9ut6py7gD3cKNzDCPJcm1seaVsTZVLt9JvtdFkA1QaHUUQpjvUC0tzJslZSAsyGRqiZV7bIUlFMjwrwpvcbAHBF-w5VmrIxwCdKChqZm1CFnaQiqyOxk3cZ45FmUfkzOJSfpj_ZYizvPNNNiaihoNoJiHwYEkGY675ErhooSitCTfoCZtK7i0ZVy4zVSO-W0gBGhlv7dVLVP_bf4ySVQhGnrs8J89glPQVK9epuZWGkj37rQgZK-mcrmG_fUL-1_v4Gl_r5YECrvG2T52uelYIhq1maQSpNcnrVA4K3Yxw836NVLz2EajRfJCdG1oCdjuJEXsBEWjeZ4Jug_fqheFdeVizAsKd8l5JgiRDev3wdfqII1Erme16P7Tr-LYOkEcGa1AKbJoarW1BHtLp5HWMuftQ-KfDdmsSY-5PsZ7cEmKgqrzED04XEf780GuByWrD0X_QLsudOQg3zZ4X-ipoINd9qNGJksn7lBRLB7hHqOKaZtjoJoYaO63MPfnfNiUW8dI4_s2YomwYAq40aJw0tjvmPGIgFEsLLqnq-huDL1Sx577sOdRtKxvUAcum5MGmKlOHt4jA3fMLPYaGoQJuKxt_3RF6OnfIP3D9wDS-GW59b09M0youk_UIQTd1VdI8ysK_whbGV68G1f2unnks5VJEBuT_yyYzYt_OdA9kiPSiM-6oO3IOE08uPDzPqKBXgJkq4Ve76Xqb43MHQEtVLwVL5rgHr63o8wBm5F_KKR7WZOkTC4GhDqbBcdBu3C-wFtJrqVNx_KLG0u-kautYFfBl9mskMTjFDAzcdNw9g_SAAp2wZPWxQaEdn--XB1dVDLwKAnLmYzP2nbIi448PNeZMvQUR5s4z4eEFonbzjvTkOwhbkbucoChV0uifVAd0qAIOegRkLqVgCPiBVnQp7nDR0lnZGZf2Ny4DRg-tQVxakIIO3jDbpic5C8TAk994pb3I9tP-InMoPgJZbK3D6oGa_KoWIXnBQaZ8oY7cFctUTAjb0jZvLCGmXlqsOA4agY4l4YA7YW6oMdkzlSjFxfvVvn5qm35zRB6PmvErejbBSEVMjRwOaArPjTf03i7gm0u_G7AwaCeGDMEj_WROUaADP1d0wU7A8lYWIHZrX_frRKgltdSWBaALm2CWtnaYehnum9jI3QCsDcsPWxnK3pxxt_8tJ1iY-wGb4LX2YDvwTX_WAlLIg9cfOekd_QO80zHhMkcckQXaTS8Ryyll_muhSuwsepDaq1jb47SJPeWZ0L639CIHv5yzYwrz3LVxD-FykXBIx8b1GqoU1m0o3BNqQKL9aGJ3x-4PmtMsCOFlAUMtYYPlld_V96_3p0aWIZF-k7U6NWDPVRB6Hq_COj7bKFP-LSOz3VUAbd-iKYMeMl11PyyIGeJ-l135G3U9drNiu2pVqvPLdWJe_ryMwJcTSPBfjbA6pop4sVf9k1ZlW3N1W8b4maY7U_Y6usu9S1Y-YMT0LSotaBlzcNeWjPirW3OgKgRa3RDOEZeMHmTwJ3veEtjGwRi3vQUrGrVbhGWjY-QdmNN3PL99FhUA8u_l3d1uMVijKqgpYGgNPXMDQV7L1SlFh37NxV6Roxjxiq63TwvQykIX139zIobQdeX7Wb_hQbXIu5EUnUSLd_uM93TSetA0_1tODC7JG7mluCgsqagbEx4Krl_lTSuETEuU0Om3eoqQhjs14Z9-Nc5idE2pKXTTxzabjbtIkejy4lVTvnqhUDqUKXG43aVroQv1ZYr5xAMPArP8U3xYCq_SSDfq-Y8ibpvC3ydcbMd09BTKWdtEH9X0xYpJMHg_kn0bsV8fF-fxc5mplbQXNmCCFhb63wYU5XQ4SBHFh8FNcHIXMKCJtYW95cYQwYR4W-r9LnA9Qle50rdgt_pbffHVmj7qPrVpt_FjcWrRv_uV_IWHI82DJxbA-91WZrV3h5a7QDUYw36-P6KUxgoKm5asvHN36Jop8KI1r1jOiFPsItR90Aymf-0VbUXLhJ2Lfub-Sendc8Lo0x7cuE-BfzLdSqoy7e2APdwhuOSg6RFv-z0Bhcb4orGSX2KQ5_SDxsic0R5vpCPSuGVz-7dkrZV2XKicRW_oR-dP7cCBXSScOWGU6QlzOCpIDIj5O5MgRHie_9IMZhzbcRpRcSTxJuNutoUoiykvOjLywCXXZ1_8EWfhtF6VV420-AwBZeSwBbsBpll4hU0ha-POtPnL9BRq1rfF61IpEN14Y8a38odsR_GUyXSBb58RHNl7k-zy2Pge_vaa22Ya0TIld99O4USa47rIQndYxPGF-431gusba-NAUfavrnZDxZkiSQLf958EpiZ0M11wnkH4HVI3JnR15VX69nYaAdG3YbMYMXsnpaCHrCmNd1NivSwSm4DF6csLNUOhW56K4197c5JVsJ6nS1vKeuoqBXaYOW0EeemWyE1nfP7j6e5da7ckgC5MGfNDfnurcG_vD31Q6vAZleizy8VgVZESQj3ICFs2dZuXolI8HvzU_kgFhKp8d2ulvgGR4kRsRV8MyFVSJAtDbMgikNCVzdwIvBDt0GrFLkkzgtHpS11sqOvJa_eXqzW_LhQMXZ5_OpVg6cAPNOMTX6FOldSPdsUg4OrfGsa0exD9pKqTsxR44eoDgkF3iuSWMPmJbl6MhumhEjGXHGCntXw-97DKSFkKyNVS4Rpyvhy7HsFdpLzfjfo41I4xBt9UlkMymmqdYxZi0nQeJUP08fbpAxGlj2QTCBqcSZt1Yy3Z0tz2nkHfTiTbh_Keuf3jM7foN1wY7nP-ODkA63x1zfuQlpIklpFjW75L3yvZlqnmmylTMgqllTsav07hTBIFsTEi7_QJExnCIvY2u4I2nD4UzK0Yd9d__ol6Xx1hpDxHYGmku8OPbDylo2SwbJXVdn6wzcTHmBaCCieMTMBegxkuDjGCyVvPzJxPBl2c2XxnrBzi8wNkTzJUah_ejg4gxxnmEz2N9-ui2XCY96GDI13E_CDiSGULdJ1xEtaIRpGpe0xu8Pg&cid=CAASJORoTiErp1OkMHrG1VcBufcaJwsSqUg66d7bROehQg_8SEeHRw&rfl=1%2Chttps%253A%252F%252F1plus1.ua%252F%240

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5209a372c57cdeb6ad0ecddbfaebe51c888d03a4456e1da83f22e6ad0a939e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30492
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B9A 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJIa4_hxBLWkygk67Ayei-TWBBiwGzv6qPA1bewe1mjpQyHapxd1iZuJb9fRLK1p0zIfeNEo6qyvanzYM-1twvWpyOJ-_SlK2r4cDe5nhiqXFzLaY

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2B9A 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:15:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B9A 138 KB
42 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 2B9A 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:04:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2B9A 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQrp-ngXvDLkI-xyozleplTAjEVv-DG_5TQeeP3q2f8Y0_Kz9uKB2d3lK-z31jjx5KXjbhgyh38UEDC1_HfyGFb9zYrEg
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7B27 640 B
316 B 54ms
53ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0D99 84 KB
34 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVrNY9AcevtWjNpTpHQhg5gD5xh2EHkxRvHoyhjJ8McsWR4afkeMGchrIcEioFB-Cr4uKH2_bOWx3ZhyAof6X85cjimJvsMCaFgMrENSts3TOIY7xc7qLkaNQD97ElWi-f86GSkQBJzZKKF7mPfauLfJP11A&dbm_d=AKAmf-C2EOP4bMSoInolDlbmBosSNKfg0utrtmxhNO-ottux6N1iqQImqqdGrbvL58gKCLvMaIvy276ZiNRMbxQ7zn_u93MGGEvN91qHteyj_RRmPUjHj721YeTZsAKIbU9CgEOJOeUSDF4pN_IdxsUIGZ1i83QvtT63RlKrhnW8qeL6TT1yyh5V4AtnUOTiKq-Nzo9-ej4lJJQwnId-cWYqtSzlmo_5b6zz496kKbBNceNED2OXoZp91qgfwOpcDRq1kuTjYfmy0LBN8HSW-R86CObgH03zqxlzaxbz2_4rWayP3XQagaTicqBOAX4rfp1ZxLvtY9e4eQbncFzhJXDKq7Udh6Dk1zMHvY60LnogLIWd8tp_NulXlnHkTqu9vSr9CpOW2MVTd1-Pq6qEd61HV4lSYBleEzYea2a7eb_Srk0rDEm2Z6iRXzBLePX1viKsO3_li1lG2dDNfrFqnsrk-tFexE2aNSkpqz6uUItBUJj3kDJJVcmjrPiECFeEijHAI5UaedC6Hnb1vyDIiYZ5qu1vYI8OkSfyPaEYsxXRvaiE_47tveG8atduKpGwJ7PP3gCaH8-uZg-z_U5Tekfuy-HN73ppL2W8au6cgquUvX1_CW3pfNMy0SxqU1_dgQ-4-QILIHBQOnNlFIXn3SN7YqEKbYU1CmRtar8wJpRQ_KzRXP0F3d9uCL7XDk2hcH1UXyoHIq8pB-01eeLP0HviR4F6cAASoRnI7nHyE3n-8xPCn586y0Jaq4yQKlTrwVMzvnUaYJzrBmQdKCFTVcjGGIvBpig7JpCcymeeaYiLdDtmqI99ParwjCp_4nOd8I4bxdpT0e-KhpDGlJPOJTJR7wbXPraJkIgZAdTfzBz-IFzOb_lcE_T8BUGrCw8nGBzAZ86Ktfuz5N8N_M8evrHjh-mpLTGzLAiubzp_LzN_qn1Tmcl_xffCAyEAUhSct_azktstXU27sbNgECzFddzG4kOsmVsKZWGtVXCnHIgnb5bW6ForWiMw_FxXzubGIReYNI4I3EB0GQOvBmKARf1G9eNRQrAdEyJPpohawAagavlbvZgkU88KNLWjEOmtFINFTQjFThQf3RmURAi1jVKhmUDcEYtVW0jjBaX5vlYCJMBXpskv-uiH8pwUS3lHGTh49Ho-xvvUISRqvPC1rNL2RMW61IfB1mPEq4UrMN0Axx3Uku-hnH7q9oXfpeFtjvyf17h_noygp8C4rih_ss-42hN8-oVINZ9W_49Qo74Vpp2hIpnMxzEBSYoDzCy1fQi-g6Pppw-sT_esuUoGrsvE4hcBp-wmf7-jan0bDOy6Ry_jxoHOzol0B5beir1jrOnb3VvL4aR4QfljUdtlrimfOJakHWQjP87Aqkp93EpEKMfB8nm4ULss5GZ6CeZwP_CnLgBeTfWV0b-dCN3_RZuekF5CZHVN14Q7J5XVfzGgOgFy0rvTfBJuMQy2kuOFtNpyBLarLiV_eLTxDdmCqnSW-PIbNPVkirYM3jLWS0TaDpEV9bsIpAWr3axSmkIGVMLm4vjN_oaFfMMdFdwfB19Hkg56pfcfublUzsRhyNLavZbAUu5B7OazzCJ70aDPQ9n-LfBKLlatSTs6M0CHmVvDx3nXqiQdzmsblG5DHt0O9XHENSxXpd0e8Pwqsd7xRx5pUolAQ_OMjyXoeD_Q9M0qNksbZMgmC9G0OCQOLvlFcL1aldxcposZwxJHHun-AyaNkdvkLM1eYtCbKFDTJ1bTShnt30OO98xog4nBLrTahO9e0jU-vt41mwLrm5RYUy9bbL2rslAuIKIpcloz6Ud7jZJxPBrfZaUebHuAY3mROMeBOVTgzs3pkVVZTEWI2gHbsRRUzaRrFhtsLEkMQZDr8bQYUQfXYOoLdZEAUi8lcEcW7H9wpTM39lUWsYUJN3kyku6kjb3lW5-weLThzQIS6qG3ii85oEk5D1Jz7rQTFL2WQmjl2ML1Oj9eSFuZaR3y-X9l3R73X1CiUqaOwnhSaCvA4pRYUtDHtb_fWbhapFtComwW5iL0ODwpiAKyYyUvq5bkeBQxOMC0BwuzOT05SaSiXHNg6Y3IAAWSQZfVtZxv-qSpR8nvRCLgKSW9nJLsHe7YhV1HKqwtIU9STFcSdEk66VfXXKLrHnNYUPQvawnKY7WGGe6o4fJLxrtGKKHcZa93vCCYdrplMXU5hiqBtgrAVuiRhvxWZNpZF9R9ivx_0Dzgzi2jwb-mIWy8eA7Pe6iZrMcQef6KrX8u0WNudQAe02UGj_S8DgkBMb0Tbs4UL2WKkuCG7UTABagDmHZ95JZ8Oo8OVi2_6F8o4ZcRiSp-lcpA8UA4xZyhdhKcBinHrmX2qUYzuuoBU1Fa4z309Tr3tXw0EXylVkDA-t1AZDlRLNbqMcdYOLJ87sQePEh9cFD-G-0zIfxRIWA1N4KDCI2GAINp_RdwMLC5sKkqj1KTs8Z6YuFx_MXT2Rtf-2ssfCOVD37iXMUoxomzMmnSh-D7K8yZGagpkL6gKSJZw5SAarCkPEPOMSR58BSu5zM4Kb5LE9EVu-3q7CMhe4SC69xgL_vhS5aIbwPIlxNnt2ufBG5Ricabtj0MNLUH7E0C8d8xK5JgosRlfK8_QvsLrBDcjf65U8Z8jPcJO9u1vpv_wfRTVhZ_c63-gwUCEgI4jJ_Kjznf4Oz8Xrx1_TE310j1oSAOXJAuFlIilbAOaphCabLubfbPzBgiFHouupzxAztD94B16tejz2EEDzgnG3AbzixAnRytykO-r8UD0JtSnjcJAJfzoeYfQQ-ck6uYkGz9Io87_7VKB2S5xRAULQWsiSpUhF0BkHBnIfrPnHCWAp-noYwF-r9oR_18jIPTlrQEGo2UonsrGi36VnN8N9Y2SG5cMEa-nd-EumBOXirE5oAWj6ovV0aMrY4IeuPt10OPT4BxGd7Ybjc7RsO9QPCqtfq6zzhIU8JSk3OeGUTMnWraa7Kq4QPEcjqkfHyH1CcZiHP6lGGBI85XtXbXaZQM_BpEQY4GqKO4mX-TRzbWYosAXs6nqqr2a2iL5OCZ-EW1WpvmYQ7yhJqRB9hMPeD9NzK530EqEUgBjZVRwtnmF6z4AZ3qzFtI8j2WPd_MIATOko7uufMtkJklbnjy6AF2N75UzSYiqqBpeYsxcFMBzJLCITU2hyq2de-JAkJYhzB3gA-Ym2IJ444pRLEtMbqWj6WdiIdHGPzToM95UDnPuJr2O6P6KJKW472XsREU8_xjh1LWQFbVYiDL1FJ5IT5h8awrEohvguWOw3Ij_mvpxiR0rF1vQ-Cn7SqU27beYXFAnotKsnU3BUiUF1xPkO_OqhUdsB8cu3iqtqk8EIuWFJqtNhhBb9SHKPNa_OWtZXKNo6s&cid=CAASJORoBfZNYY_lomI7VKMzyuWOsdvXjCiNdOwdv2Mw1k1txguWvQ&rfl=1%2Chttps%253A%252F%252F1plus1.ua%252F%240

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df4c22817bbfbe8cf4693af5efbc6b598e3211dd8ad123ab70c52e67486f2a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D99 42 B
63 B 76ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTvg0mJdET4KmJbiR_weR1ikC2gSM-kaZruEFRhxquK_dZ8FayAJPOX0UGGdUwQCBQZ2Dm2LUezzMUeTB5CvW876gYNinsqLT2cFYhg52IbAH5YdA

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0D99 47 KB
13 KB 148ms
46ms Script
application/javascript 52.51.170.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396795630&adsafe_par&bundleId=&dealId=&bidurl=https://1plus1.ua/
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.170.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-170-224.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 319a3b588cf5be1f43cee5597080357d7c8a82a8c9e3291fd2e2c5b970baa3f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 0D99 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:15:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D99 138 KB
42 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 0D99 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:04:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0D99 0
0 51ms
50ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX1ve67_j4xu88aDrGRmcv2UEYgUPPHulaTYzDjY7LdIsPest8pblP42aqTWskn6ax13H-p-Taf4CYNfL_DLubCb5LdA
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 6327 21 KB
8 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:14:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6327 8 KB
716 B 53ms
52ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 16 Jul 2022 00:47:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 16 Jul 2022 02:22:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 6327 14 KB
3 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.css

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 14:10:49 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame 6327 354 KB
123 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 14:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125445
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:52:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 14:10:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 6327 17 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:04:33 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6327 0
0 50ms
49ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwLFI4FcVx7zPPKcAt_D4G0xgawBPN4Ai9z531hbXdm9AikJtmEt6Vk2_xtbGizRQqPOWWxqvo_DvN-dke1B0cR0vZ8w
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E217
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1&C=1

43 B
915 B

104ms
66ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhjfk_iwATAB&v=APEucNWGmF9oGfQMh3RufUnpB__LTYs48kcgFp9OcxiFPkKzaB6x4H_xOvDP6bg8fK8HuTTrlNtYbkWTR_iQomR5TO6UMJHoBcH3H3KtmJvzOgUxI5SbnuI_mKWSWD9P6sGpuSLY_PIwQWJy_hK7TD3z521gwKl9HZHzIhJcInH4CsOF8aeQCtc
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72b7454499457786-LHR
pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iqdZc4tjOs%2F7%2Fl2%2FWeFewTWGzyLE%2BOPlLzetIiC9QNqLFlM7O2uZyHlNr%2BzokD70299xn3ahqQMx0pi5MFbofK%2FHHaZE801I9gNcrEskJzY16zOy%2BfGy1D2K20CdgBNsYXodxlX%2BsCTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BERt%2BvRcsmc5vOPFHPf3HfAiLLhCD9rtyWfMzGzVMYUjI%2BLzbrOYbbyNPIa78FNq3qAO8ExgAXGh445Nc5WHbW74u%2BH%2BUhTzkUVe0luk2lHP2ZG09qINHte2GnxF7Mn1VlqY6BGyGvwhcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1&C=1
cache-control: no-cache
cf-ray: 72b74543f94d7708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E217
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtIg5zvPCuDTTcfGEKs4PAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1

43 B
917 B

108ms
108ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhjfk_iwATAB&v=APEucNWGmF9oGfQMh3RufUnpB__LTYs48kcgFp9OcxiFPkKzaB6x4H_xOvDP6bg8fK8HuTTrlNtYbkWTR_iQomR5TO6UMJHoBcH3H3KtmJvzOgUxI5SbnuI_mKWSWD9P6sGpuSLY_PIwQWJy_hK7TD3z521gwKl9HZHzIhJcInH4CsOF8aeQCtc
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 72b745458a607786-LHR
pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPeeh3k4u0GPBIv5UL8ODTcUwIZ%2FxGar%2BuQXOZr%2BKGYXXGbjZ94j%2BY0RUHMKHtbPm9nHC%2F93OgUw%2BVY36YUH%2BmZpe9mZZdoqMhDKCaPbSbyVSwg%2B662gbcDKCQVtIWSvrPu3YCnrrcEeZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAsoJQ7_MG5RmsIe9EfhP_s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E217
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJRmCT3T4xP0nmgLcQqagJ4&google_cver=1

43 B
1020 B

44ms
43ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJRmCT3T4xP0nmgLcQqagJ4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCC8gEQk4CSAhjfk_iwATAB&v=APEucNWGmF9oGfQMh3RufUnpB__LTYs48kcgFp9OcxiFPkKzaB6x4H_xOvDP6bg8fK8HuTTrlNtYbkWTR_iQomR5TO6UMJHoBcH3H3KtmJvzOgUxI5SbnuI_mKWSWD9P6sGpuSLY_PIwQWJy_hK7TD3z521gwKl9HZHzIhJcInH4CsOF8aeQCtc

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:31 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 43167cb1-27aa-4f22-adf5-4d606d18f2e9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJRmCT3T4xP0nmgLcQqagJ4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E217
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyNjgzOTMzNzYyMzU4NTA5MA%3D%3D

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyNjgzOTMzNzYyMzU4NTA5MA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 16 Jul 2022 02:22:30 GMT
X-Proxy-Origin: 217.138.196.107; 217.138.196.107; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2f0f270b-767b-4d70-8076-22f13ce16bf1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcyNjgzOTMzNzYyMzU4NTA5MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7B27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0GD11bxSkcS6m4vgoG3nM&google_cver=1

43 B
114 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0GD11bxSkcS6m4vgoG3nM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
via: 1.1 google
server: OXGW/485d39a
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO0GD11bxSkcS6m4vgoG3nM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7B27 43 B
131 B 73ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/485d39a /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
server: OXGW/485d39a
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7B27
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESECYJGNPHAWVC2nkrhK6hkMk&google_cver=1

23 B
172 B

169ms
71ms

Image
image/gif

104.90.105.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESECYJGNPHAWVC2nkrhK6hkMk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo
Protocol: H2
Server: 104.90.105.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-115.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 16 Jul 2022 02:22:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESECYJGNPHAWVC2nkrhK6hkMk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7B27 23 B
172 B 219ms
69ms Image
image/gif 104.90.105.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQmYSshgMY7r2avQEwAQ&v=APEucNW_iaKwnKEqXXjjBatR7FfnyIGT3ovtCNTOtL7TD3CeF59N-IbJOrtaXMKR3vcmNRAKZsnw_cTaVIWg8scWiluXRYUQatBm2Pbs3KdKNU2TXvovi4JWDbBvWscci1JBZt2-BDyUuUp4EtnPckuT4baIsc5pgczcAgfm1ssXBSKhABL-xCo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.105.115 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-115.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 16 Jul 2022 02:22:31 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 6327 0
327 B 534ms
182ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l5n9kgmn&c=5553670833757&slotId=2776835416878.5&qqid=COidkPSs_PgCFW7ruwgdXs0I4g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6327 9 KB
9 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 366767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 20:29:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6327 15 KB
15 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 400483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jul 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6327 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxfK85iDSYuiSGu7W7_UP3pqjkA6v8MGRaoS4s5nFEPAuEAEg_f-FI2C7hoCA0ArIAQWpAreNqP_56LM-qAMByAObBKoE2QFP0BospeWk0qtz9kv1OXxcfp3PATeWbvSIuYuJoHH_6gDmcIAPGlAqBox0Cnr16Ep1JstjjWydCS3gR52q1bozkO2sQ9fJrDqOupZ0MGlmrLBC3eutUoapzGeH2F7d20KvLuYI8_7yxitFpqKAmhnv9XulSJxUaf-ZCLIZKe5WX8ey8TxlB-YCNtDxiWOYve9AgF7EUxHUtWDdXTksfNuUwU-veap5T9iNzUT0tzY743YRpqLJ_DvayXv0YOZbgj5y0qzxunM4XyaJ9-wU11HsBmaqg48L3mxNwATy4sTciATgBAOQBgGgBnmAB4O0mW2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE96U7Q_QEwDYEwOIFAfYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1657938150964&ai=CxfK85iDSYuiSGu7W7_UP3pqjkA6v8MGRaoS4s5nFEPAuEAEg_f-FI2C7hoCA0ArIAQWpAreNqP_56LM-qAMByAObBKoE2QFP0BospeWk0qtz9kv1OXxcfp3PATeWbvSIuYuJoHH_6gDmcIAPGlAqBox0Cnr16Ep1JstjjWydCS3gR52q1bozkO2sQ9fJrDqOupZ0MGlmrLBC3eutUoapzGeH2F7d20KvLuYI8_7yxitFpqKAmhnv9XulSJxUaf-ZCLIZKe5WX8ey8TxlB-YCNtDxiWOYve9AgF7EUxHUtWDdXTksfNuUwU-veap5T9iNzUT0tzY743YRpqLJ_DvayXv0YOZbgj5y0qzxunM4XyaJ9-wU11HsBmaqg48L3mxNwATy4sTciATgBAOQBgGgBnmAB4O0mW2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE96U7Q_QEwDYEwOIFAfYFAHQFQH4FgGAFwE

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6327 22 KB
15 KB 156ms
68ms XHR
text/xml 108.177.15.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DH-eD9JrPT9ZSMrB4NWATRJke2ncxp13hsPuYQRkTVY9DBRYbLXxNdC6f8DZbNk4VnDUEdLK6h6LbQfcyYT_DAvgRcFQ&cry=1&dbm_d=AKAmf-DZUbNAchP0mkoroBwpmmFtPMX3e-I1cJtyvXbl8aAOipAUI76WM4cCfG1HywChwUgY6HEYr4Aff2cr2AP3COwUSDcbFgFYsbpXcqBmEk3rMcvlwyQOlvEWIVaiubg4WPb5P2KRtZ74Q4F0-_OEhUflLPz24ql6Ns2vOJ39baOWfTt3JOHxJE9vnOl5vXwROfEXV_97WpeavY8PA8JARGUiMo5vudJ2nRNYPz_k7FeAFGQDmhY7lvlp2tu-rVUFUL_R7zP0ksdI_lSDKIpcbneuqSmnj_itrnBNyjaeMCd5A0vp00U_GzdMi1F4ur3Xcv3KxldDmSJY_NIsKtSOh_sdBj2_psdx6cjz_GrKnwjcUGriVOK9tne20HpfUEX4gFrp2waxEtmiAXN-56fedUmmaFlGlit3q0hEYQyFfivuWLXQ6z_4axA4oCAE6BCBjvRE4IIBizjfVB5LoZxgdQoQAY2mvGW2Kn-e4La-WhBMoi0XAN4mpdVgTjpfHldc9dNX0HLHY2XsWrru2Sawr2cduV3vSePBkx08pTdrmxgnQXFOj_1Ot9XhIjgbzEn8yxPK7yNNV1-dSp0ycV_5lXZNX1ESxaKZrcHrhDLsea4JFD00qiDxISaGP30MCH67lln_FxXdnZWOvntQxyT4P2jPzMuQIz-WuvSolb1T-tMSLi0y-5zUXJHHFL6FDAXpZtK2Q7kbBfO1WEtIuH8OOMx6q0WsBBU-_SbntI5bDP3bXxhohJVPMIbDAlORVrhVsAsAFksjTejFg3iC5LzYWnAYyH0TW0RY2blSYgd0FaoZSsf2zNEgL4FDeL2dON6cowEYjgPpPVXc4gwNokmkCIOR_jUWVbdD82C_1sRGIOZbH1jEq-AaL_VkysWkmkliH4RtlZrMQNBY-Za4hM-VotSk7O4fWj4cMVJQiAb-Tz2eLjB4lkLZleIMeeQk8paiDPFrjui44d0Ds7HGZETvdNmg1tEHvMrA7Hux5Me1z7QIFaOW50PQ0wRCS69LrP_Ksa7i5oSsArA6M6C_fgdJ-XYAxWyuD-YpcFqUIyOceMXexDipQMZIFfWmRTFJdyZsbuzwaRm3tXBgLtw6mlt2JQNe07HRPa-DRlTYchUaMWxCR6UhvtMYLxu7MvWUDoWQak_Olpzcz95gZQ_irHHYP0GCt6ULvKYTHfSCKhR2bdy1X3z5T4MyPDNtWxgiz_wF9dkoRPzDRc4yuqwUZjX4l0xzcOgiHmESFfpUrNFG1Uc9TUq5XSO6hLIp6UAkgzkfQwLanTJS9pKcmpvALXHjqjTWBljOocXcOm7fC66P5e-0SESVmlP8Z0kCQNvBPOI7eiIMl_yFzhl_VFR7hvW5B6xrkGYNOjAFRcBVaOn4ZpX4kQ0f_M1nQdnJX78tp1ZSgZcHkuGLv4_QRO9ycH2oxYryiJsI9rb78HRB8271EvJwE_jqEbJ9E0SFKCHFByHNxWzN34Cmv_P0kq5DAA8SLVeoLzCB4LYv7FcW0gnHaHYMxCfZIIoNBJlojDRff6IKILSepWCshnV7gk4Fb_nezjhSNzytFjQWm9yTGkx0n3CzhtcpB6hldIJjCTjn9nLt0VZvj6lAR5obtB3IjuvCAtOZmADsPxHUcsxI5DLWpM0IdvOUm78rCJI9X1aOhuclXsHXFvgfdzll-RzAvukpdcCzJkq1XoiOL7Fdj1yz1V1jZ8FurbABqFr4v_nKb-mF0BIJx34AWAunh5NBLYX_m02P4QytyUSQ3x7RPccx7RDghM3OnAI4taKAD9yHeNjIRIYTgITGNnb-HrL6bXMx7qjZ5m6XNfHMOcx1LykzJunf5ZYY-dv6ygDORBkjulTGolELuw3nXlQHdEUMghQhWKAR0wmtGXZlVuvxY9xw8q2TpfuNiwuy-OtaY-N_BZygYu9fLlNBrLp7pcrir-NFqGMnHnSMjMcoHOmpeI8YgOuIIURn57d3COf9HZfgwCgVdCW2XqwB2V3fnAQQxnG1TcJHeQ4g-Vykw2lg23RADPvAIaiG4Df7dSyl0EDuxhdscUUdf3J10CazJRk_jOIxDlRORnXJK58mxDNPNGn5w6zTUzOpAfhjgAIfQ6RBO3ppkdJSOHBe_0yGkOixT-42-nYXEaFo9GfSFMgXFnGligDhwS45NVWDW1HDN8qZXWrNJU3lrxJx-9VXFsuVwyxDj-MP-1B7QedaqqhkPxL2ZDseghHyXWSNCwP38V1ROlg2NoVAQhugfLLmixlyoaK7eHueBYz92j08qJ3twVgyHHv2k7tvM7bUQ8LjA8m7NjhgK5IFzZ67pIzPfSA77mO9XJVyqzFHQmM2bLvsey_HZkaefDjHetJqsuL5g1e6oGo7tZ__e-vTL4kBPK0hwXlElJim6NCY_sOfEdzU25XefikbAqNceE7FjShEgFNSG51YlUp8HEpOf3cjQkA_7WQZ7rT4jeilSJPg6gUKMkIIgwHGaVzZSeCZJPPaWn3jZSFA95hqKROAXGBYgScXwFOEjnEGjnYNKUrpMBNnHjyDbKE8tO1GZXl3KbX9AB6y5lUi_3ZtOcfjVrxPkCadHSQY-VI40O6mgAlCTYtSWx4HRHLTSRGB5HiGp6BttRsc_dt-BhqwbmHRqWm6EuvC4XlwL-UF3jkHa4tx64pcEVW6TQ2diLs2IuwKhb7l_LVEecT1JomPyrLPH2Qsf65tZEn7Suomv5mB16e_QTCy2nKLbTLKLitsNS-45mvQ3e3wQ885MsDodQfPSJpTuNZuL-_emfhX5soy6QxW_VWyurNfEc0DP_tEW_wexwzqj_RNucsfijh0JRHQMVZTKaI6UqRqDQn93tGg3YOBATIWLD0T6JErejtbp-OfwuqcMSHIRzTRjirq47I-0j0ejPeGLFfxmLQF-rel3WcZrZ_HDMmvb4o4KPgwYSdfnkn_2RL-NoyUQB-O1--jeLFDqAAnDKwUsXmGBdSmYUUH1Nc9lM09y-5ngT94l-D_rPqaZdFfi9q42VAgrznLJACsZTat-IBOdQF-_l5Gy7h2xSlAqxAL2xB4VXiNH74VN94PCLh77IBygawhEajYn8QNFyLVZtVW9JjIQxEL2gdYPrIeBtIQk85SY4mFCQkjTIFYx_9Ijcs2hGtf0MJda5WqHHadE116WyhigGe5E_A4RIWE44dTivfa84qbglQMQOuN-tXnmZ1hpGxs7w_K_NLqtLtfD29YTyUas5-ZcfGkRE5KmIm4Votkh0Nb83eOPkrsqE0pjo9UqP9uOMzAT7hvyyb7pg7LXrG0o3O5saqo5XamvQXvRYcP7ObtH0XIesXU1uf-lvlUtWOHJWbDlDV-2i1GF6fUcOpCgMcdWlCEw3EzhBYRDyP7Y1j0DvasQFaOG8vMKCIq_R_VzdshABfFfewJadRZwUfeuO4fvSGGNOnfqQw-hY6-SWEdsnF6XVYZuRwVoupfgXE9dGiXYi6mh5_Nz0o7kiwrWUt9D1_32oN4nzOn-_QPoGSrfR99Gr8vqc573ieJ_6sivoWt1AE5Mf8klFGLtTQyqq_O1w&cid=CAASJORoCah9eg6fXubMjlD-cfMOk_f4VlnnP2nzxI5BaGUR8VRkJQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f157.1e100.net

Software

cafe /

Resource Hash

414ed1b56ea4fd76dc0d3178f562b0f3419520913ae42052d99509097c06e174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14545
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6327 0
0 82ms
81ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNETG5iDSYuiSGu7W7_UP3pqjkA6v8MGRaoS4s5nFEPAuEAEg_f-FI2C7hoCA0ArIAQWpAreNqP_56LM-qAMBqgTWAU_QGiyl5aTSq3P2S_U5fFx-nc8BN5Zu9Ii5i4mgcf_qAOZwgA8aUCoGjHQKevXoSnUmy2ONbJ0JLeBHnarVujOQ7axD18msOo66lnQwaWassELd661ShqnMZ4fYXt3bQq8u5gjz_vLGK0WmooCaGe_1e6VInFRp_5kIshkp7lZfx7LxPGUH5gI20PGJY5i970CAXsRTEdS1YN1dOXR9EXFSjfnrbvXChyBAXnc3SLRjBINu7FocRsfDx_5J_tQN7jxBRjCtXSDcsxGJY7YqR8AeoBMW0KbABPLixNyIBOAEA4gFmODmrUCSBQYIAxADGAGSBQYIGxADGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnmAB4O0mW2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChC4g0wYh5uOzQHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbAT3pTtD8gTjr-Z4APQEwDYEwOIFAfYFAHQFQGAFwGyFx4KHAgAEhRwdWItOTEzODI0NzY1Mzc1NDUzMxjV2xY&sigh=-UvhUEOLKqs&uach_m=[UACH]&cid=CAQSOwCNIrLMXu1ofJYx1sLVJ4xRe4OsjF2dNJAa8LWALmkiwCHhXQZQ1kh82H-CCNYTpAP_mKvuTWyvrxgi&vt=10
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s28-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5815 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73084
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 06:04:26 GMT
etag: 48472445140208031
expires: Sat, 16 Jul 2022 06:04:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 2B9A 27 KB
10 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4mBd4d8JL7l8tQdDr4Ouh-8CymhsCUrU4NIih6QBAjGYrw5eSaIdbSnZJhsFC9CcEBjTMXc6JiPdS02dBRMXV0PznPg&cry=1&dbm_d=AKAmf-AvHaFo89ZqyKYm1Mfg-zYEkwTsgjydSYfHoRHQsUK8aq8pDRVA9q7oWbJwbnv-p0fUPkn_WLdTYTnrdVVPrQ83F2xv2fvIfnnN_GbS-zmGsG-Qrhme2mKa7VgHxeiyumjOg4mGeMLnAe1X_EjjDDSeVmXKpjXefStM1GOOUWavUtqmIrWa3a0Zqr--OTwauuudOUS4t9XXpWqxwws-3r0c8G5MsVYtR_eeeDvFbg_wJybL3MLiBcEVADs1E9-peqR8GbYIn8lKNacJEEg4A9ut6py7gD3cKNzDCPJcm1seaVsTZVLt9JvtdFkA1QaHUUQpjvUC0tzJslZSAsyGRqiZV7bIUlFMjwrwpvcbAHBF-w5VmrIxwCdKChqZm1CFnaQiqyOxk3cZ45FmUfkzOJSfpj_ZYizvPNNNiaihoNoJiHwYEkGY675ErhooSitCTfoCZtK7i0ZVy4zVSO-W0gBGhlv7dVLVP_bf4ySVQhGnrs8J89glPQVK9epuZWGkj37rQgZK-mcrmG_fUL-1_v4Gl_r5YECrvG2T52uelYIhq1maQSpNcnrVA4K3Yxw836NVLz2EajRfJCdG1oCdjuJEXsBEWjeZ4Jug_fqheFdeVizAsKd8l5JgiRDev3wdfqII1Erme16P7Tr-LYOkEcGa1AKbJoarW1BHtLp5HWMuftQ-KfDdmsSY-5PsZ7cEmKgqrzED04XEf780GuByWrD0X_QLsudOQg3zZ4X-ipoINd9qNGJksn7lBRLB7hHqOKaZtjoJoYaO63MPfnfNiUW8dI4_s2YomwYAq40aJw0tjvmPGIgFEsLLqnq-huDL1Sx577sOdRtKxvUAcum5MGmKlOHt4jA3fMLPYaGoQJuKxt_3RF6OnfIP3D9wDS-GW59b09M0youk_UIQTd1VdI8ysK_whbGV68G1f2unnks5VJEBuT_yyYzYt_OdA9kiPSiM-6oO3IOE08uPDzPqKBXgJkq4Ve76Xqb43MHQEtVLwVL5rgHr63o8wBm5F_KKR7WZOkTC4GhDqbBcdBu3C-wFtJrqVNx_KLG0u-kautYFfBl9mskMTjFDAzcdNw9g_SAAp2wZPWxQaEdn--XB1dVDLwKAnLmYzP2nbIi448PNeZMvQUR5s4z4eEFonbzjvTkOwhbkbucoChV0uifVAd0qAIOegRkLqVgCPiBVnQp7nDR0lnZGZf2Ny4DRg-tQVxakIIO3jDbpic5C8TAk994pb3I9tP-InMoPgJZbK3D6oGa_KoWIXnBQaZ8oY7cFctUTAjb0jZvLCGmXlqsOA4agY4l4YA7YW6oMdkzlSjFxfvVvn5qm35zRB6PmvErejbBSEVMjRwOaArPjTf03i7gm0u_G7AwaCeGDMEj_WROUaADP1d0wU7A8lYWIHZrX_frRKgltdSWBaALm2CWtnaYehnum9jI3QCsDcsPWxnK3pxxt_8tJ1iY-wGb4LX2YDvwTX_WAlLIg9cfOekd_QO80zHhMkcckQXaTS8Ryyll_muhSuwsepDaq1jb47SJPeWZ0L639CIHv5yzYwrz3LVxD-FykXBIx8b1GqoU1m0o3BNqQKL9aGJ3x-4PmtMsCOFlAUMtYYPlld_V96_3p0aWIZF-k7U6NWDPVRB6Hq_COj7bKFP-LSOz3VUAbd-iKYMeMl11PyyIGeJ-l135G3U9drNiu2pVqvPLdWJe_ryMwJcTSPBfjbA6pop4sVf9k1ZlW3N1W8b4maY7U_Y6usu9S1Y-YMT0LSotaBlzcNeWjPirW3OgKgRa3RDOEZeMHmTwJ3veEtjGwRi3vQUrGrVbhGWjY-QdmNN3PL99FhUA8u_l3d1uMVijKqgpYGgNPXMDQV7L1SlFh37NxV6Roxjxiq63TwvQykIX139zIobQdeX7Wb_hQbXIu5EUnUSLd_uM93TSetA0_1tODC7JG7mluCgsqagbEx4Krl_lTSuETEuU0Om3eoqQhjs14Z9-Nc5idE2pKXTTxzabjbtIkejy4lVTvnqhUDqUKXG43aVroQv1ZYr5xAMPArP8U3xYCq_SSDfq-Y8ibpvC3ydcbMd09BTKWdtEH9X0xYpJMHg_kn0bsV8fF-fxc5mplbQXNmCCFhb63wYU5XQ4SBHFh8FNcHIXMKCJtYW95cYQwYR4W-r9LnA9Qle50rdgt_pbffHVmj7qPrVpt_FjcWrRv_uV_IWHI82DJxbA-91WZrV3h5a7QDUYw36-P6KUxgoKm5asvHN36Jop8KI1r1jOiFPsItR90Aymf-0VbUXLhJ2Lfub-Sendc8Lo0x7cuE-BfzLdSqoy7e2APdwhuOSg6RFv-z0Bhcb4orGSX2KQ5_SDxsic0R5vpCPSuGVz-7dkrZV2XKicRW_oR-dP7cCBXSScOWGU6QlzOCpIDIj5O5MgRHie_9IMZhzbcRpRcSTxJuNutoUoiykvOjLywCXXZ1_8EWfhtF6VV420-AwBZeSwBbsBpll4hU0ha-POtPnL9BRq1rfF61IpEN14Y8a38odsR_GUyXSBb58RHNl7k-zy2Pge_vaa22Ya0TIld99O4USa47rIQndYxPGF-431gusba-NAUfavrnZDxZkiSQLf958EpiZ0M11wnkH4HVI3JnR15VX69nYaAdG3YbMYMXsnpaCHrCmNd1NivSwSm4DF6csLNUOhW56K4197c5JVsJ6nS1vKeuoqBXaYOW0EeemWyE1nfP7j6e5da7ckgC5MGfNDfnurcG_vD31Q6vAZleizy8VgVZESQj3ICFs2dZuXolI8HvzU_kgFhKp8d2ulvgGR4kRsRV8MyFVSJAtDbMgikNCVzdwIvBDt0GrFLkkzgtHpS11sqOvJa_eXqzW_LhQMXZ5_OpVg6cAPNOMTX6FOldSPdsUg4OrfGsa0exD9pKqTsxR44eoDgkF3iuSWMPmJbl6MhumhEjGXHGCntXw-97DKSFkKyNVS4Rpyvhy7HsFdpLzfjfo41I4xBt9UlkMymmqdYxZi0nQeJUP08fbpAxGlj2QTCBqcSZt1Yy3Z0tz2nkHfTiTbh_Keuf3jM7foN1wY7nP-ODkA63x1zfuQlpIklpFjW75L3yvZlqnmmylTMgqllTsav07hTBIFsTEi7_QJExnCIvY2u4I2nD4UzK0Yd9d__ol6Xx1hpDxHYGmku8OPbDylo2SwbJXVdn6wzcTHmBaCCieMTMBegxkuDjGCyVvPzJxPBl2c2XxnrBzi8wNkTzJUah_ejg4gxxnmEz2N9-ui2XCY96GDI13E_CDiSGULdJ1xEtaIRpGpe0xu8Pg&cid=CAASJORoTiErp1OkMHrG1VcBufcaJwsSqUg66d7bROehQg_8SEeHRw&rfl=1%2Chttps%253A%252F%252F1plus1.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:19:05 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 2B9A 8 KB
3 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 01:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 01:01:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B9A 0
110 B 193ms
95ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_n8ueLC0oW3lS_9JP97EZb1Fru_873B1tweIOkYX96ZwQ9LS1u5wJ4VGchS47dPier2kmFZaK1PWFPd7Zzg7h_ZgnzvuACyow92nBLA2gQMHga22tfYpu8qZHWkQDxXBEBEq27tFU63F4Ee_x0hWCLIcnjFVT7P7_71aFMMMgkBQqCSv_lGj2ivjU_9uDngdXsCmmd8WL8p-Z2ZPUP1AIt5oxeXqBaQqzH8yAzhe0YPjhUdAbSPlFangTOyAPozOPuKBGQ7CpBCPQV8BeE6EHYjl8SGK2gGRfJFuG_Y1GdD_HT8kcXrHlaatevoKBCc0VQ1XVdzbAzv-5PFqD91CotFCj4cmhS_gRYmNNZEdPieM-CUBIfIUFhfADzsVLlZJ8a9EHKPVBDXXiofxvfEKk0OKADEQlK47gAwbZomtCpAdQwvo-7qcMUW1ac94LRT4y5GJQ5VaKGWReSEwDN53eGnza2pnviAy0vJIrqtmt1ZtHEyfaekeFSmSUdcIcjz0zAcyVA2rdKg3qf9LIYlQs3yxBw2If5Ev3Hc4fhJtg6CCWko1tCJ4tOnBwztDPvKCWJq8c3ZlRFNe87tE6MoLmrr3jLNH1zr0kfx9JcT511tjezwyZ7Z6ncT6W6hP5RUKpLmVeDOhOH1FbBuzbMEue1Dejrri1KZUMmP9wjjgq6NNY0XI_yFF389ykA_KLPAikOKHG5TFKCGeMq73G0lCS0MupmIFTI7rIL52j0NZjR8ItzH6n8tbygJFm57fVRanCTFOPNjpeNTFLFqkCHc4x21XPBcYnCI075mZOdBfb8sCI3PQtF6okekRgfdkbwTOr7POSygAcp5vioX9GIgEs7A4nVXaibpQrxpWvT42btvPaFAmGGaGq1hr7KSgJ8I6XCXNP8XiSwmsgW_osKI-qHwGo-URIN34JIbe6Du365yVjYJwTIK60D-cU3oVrPlaH_8pUICrH9QdmHjSDhy6DmiUapmruKswbyd9cJEnz92eKStHOWfDeXgJ5BZnwKu4TEVIf73C0mHgE-bVrzuOtufCrdtjby9xPzJymjBoQQUCO-XPSP8sO9aV0ktTBxZZIXWbsZGkyUKmt3MMrHc0obGtFYrFW__rBCsDavrZI5gpLxrkiDjl21XbyiEAXZVsjr718Yw&sai=AMfl-YS1K86eB2nUxfdOqCOV7-jTqQKGNwSdc1BYsdlNtk6oWopmmMmIgxcDyS9NvgblXiNpbU7-giBrEgDns1cMU4_ble9vtZNJwACOgEEKY3KlcDOsNMjT45kk3WdsL9pNVbO1MPcibVqbWnt4U28Er-AjBcRo5W122QTJnKmnTDVLqWxKRXTcG8bOxXc95_zS685_EX2vEPmlBgfbDW2SXQ&sig=Cg0ArKJSzKem1a4aBjRrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220707.74116&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 16 Jul 2022 02:22:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2B9A 41 KB
15 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:01:51 GMT

GET
H3 200 1739305612013061591
s0.2mdn.net/simgad/ Frame 2B9A 48 KB
48 KB 46ms
44ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1739305612013061591

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f84409399c119fe995560cadb0b1bda6c311eabcf91917fd5a2a34930f4543f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 05:59:15 GMT
x-content-type-options: nosniff
age: 246196
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48850
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 09:13:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Jul 2023 05:59:15 GMT

GET
DATA 200
OK truncated
/ Frame 6327 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac95eb37dcd9efd57fcaf63e86a650288df7f1681b674f6558aacf7fcfc4d464

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0D99 170 KB
59 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 17:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 17:51:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 0D99 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVrNY9AcevtWjNpTpHQhg5gD5xh2EHkxRvHoyhjJ8McsWR4afkeMGchrIcEioFB-Cr4uKH2_bOWx3ZhyAof6X85cjimJvsMCaFgMrENSts3TOIY7xc7qLkaNQD97ElWi-f86GSkQBJzZKKF7mPfauLfJP11A&dbm_d=AKAmf-C2EOP4bMSoInolDlbmBosSNKfg0utrtmxhNO-ottux6N1iqQImqqdGrbvL58gKCLvMaIvy276ZiNRMbxQ7zn_u93MGGEvN91qHteyj_RRmPUjHj721YeTZsAKIbU9CgEOJOeUSDF4pN_IdxsUIGZ1i83QvtT63RlKrhnW8qeL6TT1yyh5V4AtnUOTiKq-Nzo9-ej4lJJQwnId-cWYqtSzlmo_5b6zz496kKbBNceNED2OXoZp91qgfwOpcDRq1kuTjYfmy0LBN8HSW-R86CObgH03zqxlzaxbz2_4rWayP3XQagaTicqBOAX4rfp1ZxLvtY9e4eQbncFzhJXDKq7Udh6Dk1zMHvY60LnogLIWd8tp_NulXlnHkTqu9vSr9CpOW2MVTd1-Pq6qEd61HV4lSYBleEzYea2a7eb_Srk0rDEm2Z6iRXzBLePX1viKsO3_li1lG2dDNfrFqnsrk-tFexE2aNSkpqz6uUItBUJj3kDJJVcmjrPiECFeEijHAI5UaedC6Hnb1vyDIiYZ5qu1vYI8OkSfyPaEYsxXRvaiE_47tveG8atduKpGwJ7PP3gCaH8-uZg-z_U5Tekfuy-HN73ppL2W8au6cgquUvX1_CW3pfNMy0SxqU1_dgQ-4-QILIHBQOnNlFIXn3SN7YqEKbYU1CmRtar8wJpRQ_KzRXP0F3d9uCL7XDk2hcH1UXyoHIq8pB-01eeLP0HviR4F6cAASoRnI7nHyE3n-8xPCn586y0Jaq4yQKlTrwVMzvnUaYJzrBmQdKCFTVcjGGIvBpig7JpCcymeeaYiLdDtmqI99ParwjCp_4nOd8I4bxdpT0e-KhpDGlJPOJTJR7wbXPraJkIgZAdTfzBz-IFzOb_lcE_T8BUGrCw8nGBzAZ86Ktfuz5N8N_M8evrHjh-mpLTGzLAiubzp_LzN_qn1Tmcl_xffCAyEAUhSct_azktstXU27sbNgECzFddzG4kOsmVsKZWGtVXCnHIgnb5bW6ForWiMw_FxXzubGIReYNI4I3EB0GQOvBmKARf1G9eNRQrAdEyJPpohawAagavlbvZgkU88KNLWjEOmtFINFTQjFThQf3RmURAi1jVKhmUDcEYtVW0jjBaX5vlYCJMBXpskv-uiH8pwUS3lHGTh49Ho-xvvUISRqvPC1rNL2RMW61IfB1mPEq4UrMN0Axx3Uku-hnH7q9oXfpeFtjvyf17h_noygp8C4rih_ss-42hN8-oVINZ9W_49Qo74Vpp2hIpnMxzEBSYoDzCy1fQi-g6Pppw-sT_esuUoGrsvE4hcBp-wmf7-jan0bDOy6Ry_jxoHOzol0B5beir1jrOnb3VvL4aR4QfljUdtlrimfOJakHWQjP87Aqkp93EpEKMfB8nm4ULss5GZ6CeZwP_CnLgBeTfWV0b-dCN3_RZuekF5CZHVN14Q7J5XVfzGgOgFy0rvTfBJuMQy2kuOFtNpyBLarLiV_eLTxDdmCqnSW-PIbNPVkirYM3jLWS0TaDpEV9bsIpAWr3axSmkIGVMLm4vjN_oaFfMMdFdwfB19Hkg56pfcfublUzsRhyNLavZbAUu5B7OazzCJ70aDPQ9n-LfBKLlatSTs6M0CHmVvDx3nXqiQdzmsblG5DHt0O9XHENSxXpd0e8Pwqsd7xRx5pUolAQ_OMjyXoeD_Q9M0qNksbZMgmC9G0OCQOLvlFcL1aldxcposZwxJHHun-AyaNkdvkLM1eYtCbKFDTJ1bTShnt30OO98xog4nBLrTahO9e0jU-vt41mwLrm5RYUy9bbL2rslAuIKIpcloz6Ud7jZJxPBrfZaUebHuAY3mROMeBOVTgzs3pkVVZTEWI2gHbsRRUzaRrFhtsLEkMQZDr8bQYUQfXYOoLdZEAUi8lcEcW7H9wpTM39lUWsYUJN3kyku6kjb3lW5-weLThzQIS6qG3ii85oEk5D1Jz7rQTFL2WQmjl2ML1Oj9eSFuZaR3y-X9l3R73X1CiUqaOwnhSaCvA4pRYUtDHtb_fWbhapFtComwW5iL0ODwpiAKyYyUvq5bkeBQxOMC0BwuzOT05SaSiXHNg6Y3IAAWSQZfVtZxv-qSpR8nvRCLgKSW9nJLsHe7YhV1HKqwtIU9STFcSdEk66VfXXKLrHnNYUPQvawnKY7WGGe6o4fJLxrtGKKHcZa93vCCYdrplMXU5hiqBtgrAVuiRhvxWZNpZF9R9ivx_0Dzgzi2jwb-mIWy8eA7Pe6iZrMcQef6KrX8u0WNudQAe02UGj_S8DgkBMb0Tbs4UL2WKkuCG7UTABagDmHZ95JZ8Oo8OVi2_6F8o4ZcRiSp-lcpA8UA4xZyhdhKcBinHrmX2qUYzuuoBU1Fa4z309Tr3tXw0EXylVkDA-t1AZDlRLNbqMcdYOLJ87sQePEh9cFD-G-0zIfxRIWA1N4KDCI2GAINp_RdwMLC5sKkqj1KTs8Z6YuFx_MXT2Rtf-2ssfCOVD37iXMUoxomzMmnSh-D7K8yZGagpkL6gKSJZw5SAarCkPEPOMSR58BSu5zM4Kb5LE9EVu-3q7CMhe4SC69xgL_vhS5aIbwPIlxNnt2ufBG5Ricabtj0MNLUH7E0C8d8xK5JgosRlfK8_QvsLrBDcjf65U8Z8jPcJO9u1vpv_wfRTVhZ_c63-gwUCEgI4jJ_Kjznf4Oz8Xrx1_TE310j1oSAOXJAuFlIilbAOaphCabLubfbPzBgiFHouupzxAztD94B16tejz2EEDzgnG3AbzixAnRytykO-r8UD0JtSnjcJAJfzoeYfQQ-ck6uYkGz9Io87_7VKB2S5xRAULQWsiSpUhF0BkHBnIfrPnHCWAp-noYwF-r9oR_18jIPTlrQEGo2UonsrGi36VnN8N9Y2SG5cMEa-nd-EumBOXirE5oAWj6ovV0aMrY4IeuPt10OPT4BxGd7Ybjc7RsO9QPCqtfq6zzhIU8JSk3OeGUTMnWraa7Kq4QPEcjqkfHyH1CcZiHP6lGGBI85XtXbXaZQM_BpEQY4GqKO4mX-TRzbWYosAXs6nqqr2a2iL5OCZ-EW1WpvmYQ7yhJqRB9hMPeD9NzK530EqEUgBjZVRwtnmF6z4AZ3qzFtI8j2WPd_MIATOko7uufMtkJklbnjy6AF2N75UzSYiqqBpeYsxcFMBzJLCITU2hyq2de-JAkJYhzB3gA-Ym2IJ444pRLEtMbqWj6WdiIdHGPzToM95UDnPuJr2O6P6KJKW472XsREU8_xjh1LWQFbVYiDL1FJ5IT5h8awrEohvguWOw3Ij_mvpxiR0rF1vQ-Cn7SqU27beYXFAnotKsnU3BUiUF1xPkO_OqhUdsB8cu3iqtqk8EIuWFJqtNhhBb9SHKPNa_OWtZXKNo6s&cid=CAASJORoBfZNYY_lomI7VKMzyuWOsdvXjCiNdOwdv2Mw1k1txguWvQ&rfl=1%2Chttps%253A%252F%252F1plus1.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 01:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 01:01:45 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 0D99 27 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 02:19:05 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5815 0
104 B 342ms
82ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKwOf1u7Ztyn54wftwqL9RM&google_cver=1&google_push=AehlK4DkNqgw1Ceg5Ti1_DE6FPJwnqW1iBSoTRo82PMf-_EdHhPBOsaytjNGVD6CtK6YHrZw-_D6vMwO_l_toCe9VbBkj6h0AzM
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC2QqzOaY3XMMwC6JItwcnI&google_cver=1&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtm...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMDc5MDEzNzMzNzczOTQwNQ%3D%3D&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtmSQum...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMDc5MDEzNzMzNzczOTQwNQ%3D%3D&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtmSQumWWBRa2dzU

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEyMDc5MDEzNzMzNzczOTQwNQ%3D%3D&google_push=AehlK4DOzuzJoTl0k5PtLiihxi6NJJVon9X3CPkWJ2ROIR98i81GuHkzYL3Bt81333nfc8HEk9KRwyrYPGkGtmSQumWWBRa2dzU
Date: Sat, 16 Jul 2022 02:22:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_qpagnk2H6XiMi1I5y9jM&google_cver=1&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9V...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9VHsR0&google_hm=MjAwNDI3MjI0MDI0MzYxMjE0

170 B
188 B

69ms
69ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9VHsR0&google_hm=MjAwNDI3MjI0MDI0MzYxMjE0

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 16 Jul 2022 02:22:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxTihTxl8ok2j3u1aON2QPBJGjiV9KxUk4TrXELdBDbTmI53ahXQLCjNM34gr9EHso7iD_QPlBzeJGmrdJQbzSS9VHsR0&google_hm=MjAwNDI3MjI0MDI0MzYxMjE0
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExMDgzOTA0NzcwODYyMzE3NQ&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2...

170 B
188 B

62ms
61ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExMDgzOTA0NzcwODYyMzE3NQ&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LEcTHtz1VBWSPNJfp1DoE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODExMDgzOTA0NzcwODYyMzE3NQ&google_push=AehlK4C20Apgww_MFZfGkWTNz8URts9CCiU7H9bAn5ZAGkFuSsNXyqoA_Di1S591al97fBk_Pd6gI2LEcTHtz1VBWSPNJfp1DoE
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEC1BuGX46FwXUWenJsMlhRw&google_cver=1&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzEyMjA5MDAyNjA2MjM0MjIyNg&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xww...

170 B
188 B

61ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzEyMjA5MDAyNjA2MjM0MjIyNg&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcFHR8XdNkcgFDbArImCok

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzEyMjA5MDAyNjA2MjM0MjIyNg&google_push=AehlK4Bxc7EsxBbe2EJxKdVe0a-4T676lVuiODgj9tCixDKdkEQiI6BVLWe3Tbm0D8CPW9H5c05xwwcFHR8XdNkcgFDbArImCok
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 5815 0
75 B 773ms
37ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMrfKFe2pfB6NMbkLn-HY_w&google_cver=1&google_push=AehlK4BHRguRGBy-zi-LH4VlpzLCM1YpHE_H2pSe3AkWvlCllYz621refJquNcEqMmSqUUpoY6dE8b-MgbPHtZl-1zSNw38zkHw
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 5815 43 B
65 B 51ms
48ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEcE1vXTfNk7-MxVpUDtPm8&google_cver=1&google_push=AehlK4AYSRqo2bFfe2l1bRvEAqN6dJZya3bEzjg8EfiF1rYV-JRBJSwKu7frJKhOIhvhNKPO-pvQ77fDnirjPai21DBgBz09isw

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Jul 2022 02:22:31 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5815 0
12 B 53ms
51ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDEeysnEJzYG7lqnhgO1p7DIglSQMwya8If7oCBXLnUm3TffPMgVN03WOz3KEadvTjkAzfOg

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8384 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 06:04:26 GMT
etag: 48472445140208031
expires: Sat, 16 Jul 2022 06:04:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2B9A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51d7b1889eb4cbab86a7effb15366991ecf65f7e526c15c2c49c1db37e9b05c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA85 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 19:37:51 GMT
expires: Sat, 15 Jul 2023 19:37:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B9A 0
575 B 95ms
81ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D99 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jul 2023 20:01:51 GMT

GET
H2 200 main.gr.19.8.327.js Show response
static.adsafeprotected.com/ Frame 0D99 186 KB
60 KB 144ms
49ms Script
application/javascript 2600:9000:223f:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.327.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396795630&adsafe_par&bundleId=&dealId=&bidurl=https://1plus1.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa9efa00a715700d9dd94213288ca6924c7057dd521206c6d88b314bf096d788

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 21:30:35 GMT
content-encoding: gzip
age: 103916
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Jul 2022 19:13:43 GMT
server: AmazonS3
etag: W/"29895ca47eaa0e27860bfbc1ef717cee"
vary: Accept-Encoding
x-amz-version-id: nYToAbGY_e3UFYoC.y1N967wxOR7g6s.
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: _fsWA3EKzB7CdNAt1Ar194TDCriUWRnBcvhtAXQ8am4_EMc51pWDyg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4381 1 KB
749 B 42ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 73085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 06:04:26 GMT
etag: 48472445140208031
expires: Sat, 16 Jul 2022 06:04:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D99 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 921d1a007ed338c58653674c27ca41d12d93b48d73b77372f28b6fac4fb7894c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8384
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAaaRbcXFrqDQ1tPJUOLhtk&google_cver=1&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48Vk...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48VkbUfoWkuzhn1-38Xn5nrt5gjIFso41z3MInry4kUTO3&google_hm=v5gyo6uZkYJQ...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48VkbUfoWkuzhn1-38Xn5nrt5gjIFso41z3MInry4kUTO3&google_hm=v5gyo6uZkYJQHOpBEAau7A

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4DBTdLaDyyJnLZZvPykRCkAltqZNRcufG4T5SN9KOqqHh-T3S48VkbUfoWkuzhn1-38Xn5nrt5gjIFso41z3MInry4kUTO3&google_hm=v5gyo6uZkYJQHOpBEAau7A
pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8384
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKgkLrea0kC3fIIv8rmdsv0&google_cver=1&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RBFnA_Nfxlf9MvS
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RB...

170 B
188 B

53ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RBFnA_Nfxlf9MvS

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9329591B23704CC088FB1714D6430DFA&google_push=AehlK4ANW0vMbXgR1vb1NuOfMhNPFGSFazY4CxV0ilgCMO9kNmddCbP9Kj3lbsijeNZV0VeiyiKO0zB81T8z-RBFnA_Nfxlf9MvS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 15 Jul 2022 02:22:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8384
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPZ7q64XwWLshKq4pHoSxpc&google_cver=1&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgW...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPZ7q64XwWLshKq4pHoSxpc&google_cver=1&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336719249380487&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc&google_hm=Pta-iEIhRUWarQYXqlS7eg==

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc&google_hm=Pta-iEIhRUWarQYXqlS7eg==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4CfbuLpDcSuNZOtRmkDqtCxBjXc2uU8oqAmreKdWGFBQqn9avSFarBFQfmL5KX03mYJ7Uz5fHlz-C1Uh9uEgWgWSaMclsLc&google_hm=Pta-iEIhRUWarQYXqlS7eg==
Date: Sat, 16 Jul 2022 02:22:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 8384 43 B
65 B 51ms
49ms Image
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOAnp1y544V4foAoQtPhBHc&google_cver=1&google_push=AehlK4AextVbexZP0Dks-pas-mPjk_6tnqQEGCEZmK_yB57djGWmwQz8Jn4MO9zOTdUEm02GTk1Rqzoyo_C2j4StqmzI-EHKiCpU

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Jul 2022 02:22:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8384
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C2Xgz9EpdMDQUanPnXdhiZofE6i_5ie...

170 B
188 B

61ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C2Xgz9EpdMDQUanPnXdhiZofE6i_5iedAd58zlblXQ6gVBRaYiLPVzEs_kzHYNGx5eTEyY6WqZO2W2OrHC8l0_WVefuZU

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ph3nUfSOsGF6DYEDlUPjAzWtMPpVpIO%2BFF1iwEtUv8zuwleq%2Fl3qNMCAdi5SZ892HXy67w0IA6r4CH61nDYfVJIEd6gvWzVlMLwpa2tkk36qO2tLxicWOADhofMsliof8jveKEUF7zULHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C2Xgz9EpdMDQUanPnXdhiZofE6i_5iedAd58zlblXQ6gVBRaYiLPVzEs_kzHYNGx5eTEyY6WqZO2W2OrHC8l0_WVefuZU
cache-control: no-cache
cf-ray: 72b745454e9b75d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8384
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-e7c81291-e87d-45a4-a5db-15f6e11d4821-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BetzF8wQT-FygDXg0yv...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&google_hm=A-fIEpHofUWkpdsV9uEdSCE

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&google_hm=A-fIEpHofUWkpdsV9uEdSCE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BetzF8wQT-FygDXg0yvJWkzURVoUBi_UDpqc6fW_lKH82Jsd_jKE0-viIAeWGOkW4dF_poROFxQYm7isaxuyqnsToiUYM&google_hm=A-fIEpHofUWkpdsV9uEdSCE
date: Sat, 16 Jul 2022 02:22:31 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe7c81291e87d45a4a5db15f6e11d4821003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 8384 0
75 B 689ms
37ms Image
text/plain 185.86.137.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMrfKFe2pfB6NMbkLn-HY_w&google_cver=1&google_push=AehlK4Dl00Nm2bdhtFG4sv2D4t6gsrOJsW6IkptpoQKroVv9tQUlMSvOoRhb_D0N54ETWPChs9WIMaZ3RcxY59mhIjCXgBOXxR9h
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8384 0
12 B 51ms
50ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ilvn20dGOjr0drardymgVpTNZpuQcPyrZKgfGGJBPRgmwHOpLB__rStpB_tltSRHLnBM5Y

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame AA85 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 07:17:56 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3F21 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 24280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 19:37:51 GMT
expires: Sat, 15 Jul 2023 19:37:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 r1.62a26dc282e3e1.36686457;cb=1657938150428392 Show response
rtr.innovid.com/ Frame 6327 9 KB
9 KB 430ms
44ms XHR
text/xml 2a05:d01c:1d8:8100:169e:15cb:462f:8154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtr.innovid.com/r1.62a26dc282e3e1.36686457;cb=1657938150428392?ivc_adstxt_domain=google.com&ivc_adstxt_publisher=pub-9138247653754533&ivc_appid=&ivc_campaignid=17275924504&ivc_creativeid=430148999&ivc_orderid=28362746&ivc_dealid=&ivc_publisherid=1&ivc_site=15111889383&ivc_dsp=dv360&ivc_dbmtoken=AD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:169e:15cb:462f:8154 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04cd4fc06fa51c7b25eb07d55678070f8c4afce2c795efc506f56fbeedcb5eee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
request-time: 1
content-type: text/xml
access-control-allow-origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 9209
expires: -1

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4381
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1&google_push=AehlK4ASDryPO-z64AGPKTPcEtGOgjDxwNlpwTr5c_gaG-JGSCWdBkcbTyj9peGGVqPtIvm0JX2EVEOxlNkiuUF7PkTjyKfQXiGm
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM2NDQ2OTI5MTM2MTg1MDU2NQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1

43 B
398 B

373ms
42ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECZS4yBotVnJe6JQSw4v7us&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4381 0
103 B 220ms
83ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKwOf1u7Ztyn54wftwqL9RM&google_cver=1&google_push=AehlK4Adw4MBejgnMLLUVxEHP6y-kPFgxl1MDLinV6_Avlop0655OuEe02RnDJsGUHCUjfg84P3cLQXxc_T20jkFp516OefVVc15
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4381
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELfSXUoqhHDpZsh5kTmzYGw&google_cver=1&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKX...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3o1i0iDlTgCR-XpLSEoO3g&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKXBrsrpV1I7p8

170 B
188 B

53ms
53ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3o1i0iDlTgCR-XpLSEoO3g&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKXBrsrpV1I7p8

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 16 Jul 2022 02:22:31 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=3o1i0iDlTgCR-XpLSEoO3g&google_push=AehlK4BkdjlkbmRLwPU7f5jooaN_L-yEMF10h6PnTt2v15lJe7jlSYDUuMp68T5QXt5lxlijkWAGAU48D25FGLKXBrsrpV1I7p8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 16 Jul 2022 02:22:30 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4381 0
191 B 135ms
44ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEG7-JnHmLkg4454a7KTpJ18&google_cver=1&google_push=AehlK4DLkSoVAeQz8GquUuEG2sP89J_lLdipQ2reYFIEl4x8jntvQbfE7DjXbj2S2SaJC6BuZxyqc32PFJR9lKXOepWWm83znXGO
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4381
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF_qpagnk2H6XiMi1I5y9jM&google_cver=1&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfO...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfOqf9WU&google_hm=NDAyMTE5OTEyMTgxMDI0Mj...

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfOqf9WU&google_hm=NDAyMTE5OTEyMTgxMDI0MjE4Mg%3D%3D

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 16 Jul 2022 02:22:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CxvHnsnYYVVSso26gIpv5NFFiMyPKTVYYqO9bvFGxmfyVyB35Ysc8RmS2uQ4HgFnkQYqatTlKueZYPvZiyoENtwfOqf9WU&google_hm=NDAyMTE5OTEyMTgxMDI0MjE4Mg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4381 43 B
350 B 143ms
32ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEErTxTig-BU44Tl_asjwaYE&google_cver=1&google_push=AehlK4CFcoiUgBKhXQsYlrnb9VSdbPXb-ZJifVDyGMJWpyVCg8QgWhNyCmPUVK5AwnSy9PWt8c8sEh3-lGyRBwA3tYXJP-cTEsFX
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 30l1aocfv8i8tolsss3183u2gqu6pdq8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4381
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C8SQNUDL7OnXCt-iCnGKC-1BOP6wmln...

170 B
188 B

61ms
60ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C8SQNUDL7OnXCt-iCnGKC-1BOP6wmlnA-JdveGPTJ-HFDK_DhrenE6Ij3fScZPwiGkM5UG6Kh1xpRqOXdqTTgdzN6HwMD4

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGZITMLGSm4CPvNobFa1bl0bmYl4as7%2Fo0o2zo%2BrIiOGN2cBUDRlzJFepivWhxld%2BOh%2FLZbfRdcmr0%2BC5NPnRT9a1Boj2JaJgQ%2BWNzOawuIIOdlE76t8yUmpEpDjutN42pkqCBJrdm2S%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEEm8J-JbkXytpeaun9g9uw&google_hm=YtIg5zvPCuDTTcfGEKs4PAAAEbgAAAAB&google_nid=index&google_push=AehlK4C8SQNUDL7OnXCt-iCnGKC-1BOP6wmlnA-JdveGPTJ-HFDK_DhrenE6Ij3fScZPwiGkM5UG6Kh1xpRqOXdqTTgdzN6HwMD4
cache-control: no-cache
cf-ray: 72b745454e9c75d1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4381 0
12 B 50ms
49ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPSXDhahnUSIrIeKbhDThkqC9zoqZbZa2_UwKWhLlZirLGlrhiKAf2vqE46kjZHdXB5lKF

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17050711140528819064/ Frame 5393 1 KB
614 B 51ms
51ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

077d73098105bcba9714d377c5495dea5c6ae260c9fd1cb21f79b9efd8707d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 586
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 16 Jul 2022 02:22:31 GMT
expires: Sun, 16 Jul 2023 02:22:31 GMT
last-modified: Tue, 24 May 2022 09:49:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D99 0
27 B 172ms
86ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvfRHrv2YQtv8D1Wvu8G-KzeIKub59Pm9nZWFwxPQzGwFEmHsfgxTSbEaM6WC7RXPtxy7Gmyz2P3yis6-HEfenQ6L9zt2Yqp9ePpsnbO_6FKPfOIjUnzbKVEoZIq_5vIleOdhjAjSiCOMwTK-ob-KuN8H9U4CTDGT5FnKBZagCRvjrcgWkcQl-MpT8gTO0UuB49ZRT7MjygWYDWmspN5kG6e9jtf3PrhKPmkN4fRRNG05IwCLeE6ifExfC1f5hNZGhj-sB4qCuyY3fs9zGrPFRDXijRfvq3cOGNISfHhpXCCixDFpE-cGrownZqq9sy8mF344tNil9z2CWJLiMNYllGqgQoinUkN7CXj8UHJ824f2V__Z7GeN0L6ahx-k-eeO71MFH-VVjcyoVVRFklVvssFFDEz9-5OUCFDVBhSpYVoNyEQ91FG1FG5M9BlMxFowlA9JltmO9RxDI7MUamDAI80MYxGIK9a0uVOakgvbGykD0rFkto7jhEBdaD562wb17DPTi98rpLZkcn8ellGzqQHa9rA55mT2tEuYs0EU3fD2N7gK70oL3vxMPdqcyEnrnovShdyx1p-gPbv5mswXiSK9o7fSjtiqae_W_VevTpBh5RcQ9kts-ydrEpc71xlmA-HK3v9Iza9vdxSnLcAOXmw9EPE7qt91W8IpfEKpJu2vjNj12Q2wygrcBoApGzEoGWMux8g_F5rHgFdHHG9aEOMZDtqRu_jNZ6lQLbuZRnFjlJ5kzq6rVhFHDlBQsaZvM6nVOJdrjDjYxhyU_db6b11YpnJboredcFpXDhxHdBhR1jGVMjGxrUPpCTLOebeKUz7JNV_mVVwxXMhfzDDeUhMi_B-fZlLST103uL8qGYzcsj-SV8FfVDwpZ3aegRfZdi72TEnx0Eppm9w_0xix6l9h0neWExmTY0qap2EEHq9rkawBSLnACugFzkzTrQ-R5iRUAwGwVU5BnBNlvTDWwStJdunKOJebaB8OsrVPx4BVF0SD-u9jMs1GlLeAZxmW0wyI1twUsO6kVtZ2e4KGnH1y2wI5Rw_UuYhfeQ2aO4w9TgqQt7eXP6HsnoxbE14DuesQ7wB9nC2AJFWVz_9YRp5J146lPu10Dv9rDn009uSq5YuiOoDYpz8bWw9QxwguQGlxIAlt1c25l2GWyntWistfAMN3MqAwV5th0PMoKZlP0-LVMHIJxzksW8Lc2QA&sai=AMfl-YQ7e00rVIVNMObjvfKdPtwBn2hf-KuRb_NsjMRxBgVyN3AQs5j484czq_cSPjt1olkVwiBpNni_GnwEfJDQWm1Vh29O6n4J2NhbgkkASpC_-lw3r2oF138ebd-OZ8Rh0dNBlfqgUjguv01E68E3eOToQmNb4k4CZwcQu4dKgHKtwpJk5ILCTk1vGt1Ebo6j7ELIXh4LqEl3u5O1pGC0UQ&sig=Cg0ArKJSzP_JrprInCUUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=198&cisv=r20220707.29468&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 16 Jul 2022 02:22:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 0D99 43 B
1 KB 270ms
59ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_uk&extLi=26964678&extCr=163170885&extPm=322750361&gdpr_consent=&gdpr=

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 16 Jul 2022 02:22:31 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 16 Jul 2022 02:22:30 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1630
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F21 36 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 07:17:56 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 5393 118 KB
40 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 07:12:48 GMT

GET
H3 200 preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5393 64 KB
16 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16579
x-xss-protection: 0
last-modified: Mon, 12 Feb 2018 18:09:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:22:31 GMT

GET
H3 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5393 112 KB
38 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:22:31 GMT

GET
H3 200 en_GB_polite.js Show response
s0.2mdn.net/creatives/assets/2377528/ Frame 5393 88 KB
27 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28008
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:44:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:31:31 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6D5E 80 KB
21 KB 43ms
42ms Script
application/javascript 2600:9000:223f:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 13004668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: svfvZqANLr6NPcfHH0z6zOGBKT1YQmBeKdohCCimHt6eiLoIyeZDZQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 0D99 43 B
216 B 62ms
61ms Image
image/gif 52.51.170.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925113&advId=818610713&campId=15570238777&pubId=1&placementId=396795630&adsafe_par&bundleId=&dealId=&bidurl=https://1plus1.ua/&adsafe_url=https%3A%2F%2F1plus1.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:32b965c3-fa6c-8f95-c7f3-972e500b4e9a,c:iuCTCT,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5d49f858fd-l7j56,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:249,mot:0,app:0,maw:0,fm:tbIfwkF+111%7C112%7C113%7C114%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e1%7C1e2%7C1e31%7C1f*.925113%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:271,oid:2503cd83-04ae-11ed-a32c-869a539abfa1,v:19.8.327,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.170.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-170-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
220 B 29ms
29ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/460538/hbw_master_298309_4139.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://1plus1.ua
Date: Sat, 16 Jul 2022 02:22:30 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
X-Robots-Tag: noindex

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0D99 43 B
215 B 325ms
105ms Image
image/gif 2600:1f18:1aca:4281:61aa:2c32:4233:52a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=32b965c3-fa6c-8f95-c7f3-972e500b4e9a&tv=%7Bc:iuCTDu,pingTime:-3,time:307,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:270%7D,%7Bpiv:0,vs:o,r:l,t:306%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:307,n:306,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:270,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.600%5D%7D%7D,%7Bsl:o,t:306,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tbIfwkF+111%7C112%7C113%7C114%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e1%7C1e2%7C1e31%7C1f*.925113%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61aa:2c32:4233:52a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0D99 43 B
216 B 321ms
104ms Image
image/gif 2600:1f18:1aca:4281:61aa:2c32:4233:52a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=32b965c3-fa6c-8f95-c7f3-972e500b4e9a&tv=%7Bc:iuCTDv,pingTime:-6,time:308,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:308,n:306,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:270,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.600%5D%7D%7D,%7Bsl:o,t:306,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tbIfwkF+111%7C112%7C113%7C114%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e1%7C1e2%7C1e31%7C1f*.925113%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:1plus1.ua*&br=c
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61aa:2c32:4233:52a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0D99 43 B
215 B 303ms
105ms Image
image/gif 2600:1f18:1aca:4281:61aa:2c32:4233:52a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=32b965c3-fa6c-8f95-c7f3-972e500b4e9a&tv=%7Bc:iuCTDR,pingTime:-2,time:330,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:263,beZ:266,mfA:512,cmA:514,inA:514,inZ:519,prA:519,prZ:527,si:534,poA:535,poZ:548,cmZ:548,mfZ:548,loA:571,loZ:574,ltA:592,ltZ:592%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:270%7D,%7Bpiv:0,vs:o,r:l,t:306%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:330,n:306,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:270,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B53~1,0~0%5D,as:%5B53~300.600%5D%7D%7D,%7Bsl:o,t:306,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B24~0%5D,as:%5B24~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tbIfwkF+111%7C112%7C113%7C114%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b11%7C1b12%7C1c%7C1d%7C1e1%7C1e2%7C1e31%7C1f*.925113%7C1f1%7C1f2%7C1f31%7C1f4%7C1g1,idMap:1f*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:57,readyFired:true%7D&br=c
Requested by: Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61aa:2c32:4233:52a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA85 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxUWy5iDSYsubN-ut9u8P6a6N8AMAAAAAOAHgBAI&bg=!lZalltLNAAaYcLjmuHA7ACkAdvg8WiJZTaqmCYvfP49FZLBIzNg7D7tiZ6Lksv_3aBzG5ULKy7IW-QIAAADLUgAAAAJoAQcKABMMt0vGTI39BvzHKhpVUEt852OQmQLffir4s2yJDyapXxM5inh3zHqfOERsXifH1OYS2h7BL46KUW95CJmqwuYq_k0RhfQa_FOSsx-mCLoOvUe4--byEjjXbJ2QbUsM3AHAsW_fGCUiW6VTrB_Az82zlXYG50msA4POk0Y7bi3WM35CseRpOJSmtIBXJAjseQZyUCp3DMeu7GMcnHAhZV-FSWtmjJ5Hjl-f4BBuud2KHp5nIvsfzJXj3m2ER2jAHzR0sWyewZdhH0410VvDtNTsHK3ImViB60t7lA1YE6DX4AtGea2xbXmHXGb6UVVl4GLJex6OLjBheUhei8HXvzPmbLBhYXge2MLS-PlQFibC_QlEDf35DcV5cZrCIRMeztwWpg0MunNxtkQZ9X5qxgUT8HZSG85fcAfjsAOui-J-W1opNdQRhXyMxBVCF-RDMdN-NrRYXvPm2q84B-YIRvgz3GO42zW2yb0lqZEa6UBpPlGnqavdv6jhP7m1411DpMdQiyBg5LKoZV7Ry0j_YcpEITMpe2U9oaaQoHEpTLezgRSkrOFJdQVTzie-vFNwQ9HPogSiLVKY_L07rD9i5BUxW7iRBQRxV5X-V3XHTGe8oIJmdeod0alRC2Ede2phr5C6FxHRXYEwb49atDgspcFdNzs2JSBOKYNyxwNL1ABUx8D10ZJm_uOVSbMFaLTHTboqKqXkf8K2QwdJ0zimsXfvKqF1p2eSzwaMkgLA4noS5B9dsvFG6qjJB-tAm3oFGWzB9bcqrBd8MdQDJfzxXqhPiiiGmZEREOfTxAz039jzOTwluU-WyOX8_RZreM_ZyhfD8ecC1Gu9BSWFkK_JVhBhcY1DwIV3RPNxQ8QWdKfKlzwVaD59pKDUG_X2FEfBoA7s4YxWBjyheCsX6D6GyvNQj1flFsUnWFZ_u9MO2bOF8spid8kD6FdErXVczqkY897KGg8HDYvJkzAyuBypi5sXggIxeeiedmUJPf-ekNm7Atg_gC4d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0D99 0
26 B 77ms
76ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssvfRHrv2YQtv8D1Wvu8G-KzeIKub59Pm9nZWFwxPQzGwFEmHsfgxTSbEaM6WC7RXPtxy7Gmyz2P3yis6-HEfenQ6L9zt2Yqp9ePpsnbO_6FKPfOIjUnzbKVEoZIq_5vIleOdhjAjSiCOMwTK-ob-KuN8H9U4CTDGT5FnKBZagCRvjrcgWkcQl-MpT8gTO0UuB49ZRT7MjygWYDWmspN5kG6e9jtf3PrhKPmkN4fRRNG05IwCLeE6ifExfC1f5hNZGhj-sB4qCuyY3fs9zGrPFRDXijRfvq3cOGNISfHhpXCCixDFpE-cGrownZqq9sy8mF344tNil9z2CWJLiMNYllGqgQoinUkN7CXj8UHJ824f2V__Z7GeN0L6ahx-k-eeO71MFH-VVjcyoVVRFklVvssFFDEz9-5OUCFDVBhSpYVoNyEQ91FG1FG5M9BlMxFowlA9JltmO9RxDI7MUamDAI80MYxGIK9a0uVOakgvbGykD0rFkto7jhEBdaD562wb17DPTi98rpLZkcn8ellGzqQHa9rA55mT2tEuYs0EU3fD2N7gK70oL3vxMPdqcyEnrnovShdyx1p-gPbv5mswXiSK9o7fSjtiqae_W_VevTpBh5RcQ9kts-ydrEpc71xlmA-HK3v9Iza9vdxSnLcAOXmw9EPE7qt91W8IpfEKpJu2vjNj12Q2wygrcBoApGzEoGWMux8g_F5rHgFdHHG9aEOMZDtqRu_jNZ6lQLbuZRnFjlJ5kzq6rVhFHDlBQsaZvM6nVOJdrjDjYxhyU_db6b11YpnJboredcFpXDhxHdBhR1jGVMjGxrUPpCTLOebeKUz7JNV_mVVwxXMhfzDDeUhMi_B-fZlLST103uL8qGYzcsj-SV8FfVDwpZ3aegRfZdi72TEnx0Eppm9w_0xix6l9h0neWExmTY0qap2EEHq9rkawBSLnACugFzkzTrQ-R5iRUAwGwVU5BnBNlvTDWwStJdunKOJebaB8OsrVPx4BVF0SD-u9jMs1GlLeAZxmW0wyI1twUsO6kVtZ2e4KGnH1y2wI5Rw_UuYhfeQ2aO4w9TgqQt7eXP6HsnoxbE14DuesQ7wB9nC2AJFWVz_9YRp5J146lPu10Dv9rDn009uSq5YuiOoDYpz8bWw9QxwguQGlxIAlt1c25l2GWyntWistfAMN3MqAwV5th0PMoKZlP0-LVMHIJxzksW8Lc2QA&sai=AMfl-YQ7e00rVIVNMObjvfKdPtwBn2hf-KuRb_NsjMRxBgVyN3AQs5j484czq_cSPjt1olkVwiBpNni_GnwEfJDQWm1Vh29O6n4J2NhbgkkASpC_-lw3r2oF138ebd-OZ8Rh0dNBlfqgUjguv01E68E3eOToQmNb4k4CZwcQu4dKgHKtwpJk5ILCTk1vGt1Ebo6j7ELIXh4LqEl3u5O1pGC0UQ&sig=Cg0ArKJSzP_JrprInCUUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=440&vt=11&dtpt=238&dett=3&cstd=198&cisv=r20220707.29468&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5393 7 KB
6 KB 56ms
56ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4b7b283bfebc3217d3674589e8dd557e24471eba105ac32e2352061a64cc2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5789
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F21 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPVU-5iDSYoq1OLW7x_APpaCyqAIAAAAAOAHgBAI&bg=!Tk2lTQnNAAaYcLjmuHA7ACkAdvg8WpWLQupk4s2PPx4ZY2cFjNp4dH28UIEEEAbF8BJkUCY7se-0EAIAAAC1UgAAAAJoAQcKAFuNY6XbGXEztOuUY2gMuFkK6UaTDlI-0s57-n245wCgINNkQZ52Y-YaRkmI2BvcXM2CLdqcIufoT3xL5kubQfgdUTpuEFI9cGHbouaITSKBOGa0Kb69nnogL4OymQLlTKU6QBYK_xhcuGKuwmKGvRaJGFBj2XrapAncsnIXuWyqduK8JEWLVRPm7H93U35WyNzHXPWVhJ1DDix-k-v42mb5_Lx5l6WVMqBzP-VMe0xL9EgKv1W4NLEbngCKJJ2wzwveYTCFmMTtGHxKDadL7elXQ4ZsSYPDnfVZ98SDHeBFZzBRdA_xpCwzWWhEufjWWOsDoYFoi11UeiaaimnvTx_DISF10q809Z6gt73v-cFgaMV8UcyI9MbIbTgc-yVkVBytLh3HnD217bA1uMzu7RN8xo95Hyo4uaJWODO0d8WtYVTD2KFcLEaU5kW0CUQG0VCbJYmHkIzwlL9mgn6LurGMR6Oq24XdstJ46fCxCDIf-akoKemp1319iMxN457BBKim-6fZtI4yztXP9SuabrIbNpWYe6AwPWDRqR9yoHidnO0Y8ZgbnS0sQ2XJSwYYCIi-BKN6XOonk6gLuC7N50Cf0m1w2h0YHL5ajp-pXnIxwq1fiX_fAHzBfoP2dG77EGNVos39vogV_aJXeETKRW9DRi_YLqmuf089n3cyxDbNMwF2SI6icSeavo3ggEi-wRubAf3_3aX2gDFLAeZssgZv260Cux-WJhFjmsUpqRzbC-C6PlU8EFwsownsxnYzomgoBuPuyG4IcBj7jTcidmbBfUbUfSV5hZe84OJS0Bq18-V7FxJid6Qv_kidA7UqtqwcMNfr4ZMYNKM4jF6vXZy4zMvVqI2A-umQ2W33UfmfYtbMcEyKsAM0Du-UTHduL7Nav7IUCN_wh0JR7BiPTodXwuBJoUPv8ED7FHh31-Yb7QLoOjQ4DHS7KQA2SZtuIpXwcMN90bEBdGN_mUSKecu4tnOmmA0ZptFT5i0dUoe1_XxXvEyp8Z6OqscPtyiYPimWpz8KjK_j2kL9gK1pq6l9hvbYcq_zb40G4W7acHG8M2HQWjYFSnMP_Thp8YpBdi-Qe3HD-UCdwpbx52QlSrxPpqF4

Requested by

Host: 50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
URL: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5393 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 16 Jul 2022 02:22:31 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6327 41 KB
15 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:18:39 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6327 0
54 B 477ms
176ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l5n9kgmt&c=5553670833757&slotId=2776835416878.5&qqid=COidkPSs_PgCFW7ruwgdXs0I4g&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=3&vhc=0&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&met.4=videopreviewvisible.yr
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content v_216.kbps800.mp4
s-video.innovid.com/DCO/915882/1654702524334/media/ Frame 6327 33 KB
0 187ms
46ms Media
video/mp4 104.90.105.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1654702524334/media/v_216.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.105.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-27.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: _h2rmL8XkqEQtdnUXzpk5tbJ_D0Ko4QF
Last-Modified: Wed, 08 Jun 2022 17:03:18 GMT
Server: AmazonS3
x-amz-request-id: 232Q5Q1F7MZCRCG4
ETag: "a67210db73435e362935f6f2da3452e7"
Content-Type: video/mp4
Content-Range: bytes 0-864645/864646
Date: Sat, 16 Jul 2022 02:22:31 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 864646
x-amz-id-2: yl/x/40wccwmuXiZeYqt76phRtJxRrRVzsQ0b72oxv4YIIaLj56KkYKYDuxf2hr/QZeJSLEc13M=

POST
H2 204 csi
csi.gstatic.com/ Frame 6327 0
54 B 478ms
177ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l5n9kh3y&c=5553670833757&slotId=2776835416878.5&qqid=COidkPSs_PgCFW7ruwgdXs0I4g&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Frtr.innovid.com%252Fr1.62a26dc282e3e1.36686457%253Bcb%253D1657938150428392%253Fivc_adstxt_domain%253Dgoogle.com%2526ivc_adstxt_publisher%253Dpub-9138247653754533%2526ivc_appid%253D%2526ivc_campaignid%253D17275924504%2526ivc_creativeid%253D430148999%2526ivc_orderid%253D28362746%2526ivc_dealid%253D%2526ivc_publisherid%253D1%2526ivc_site%253D15111889383%2526ivc_dsp%253Ddv360%2526ivc_dbmtoken%253DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame B654 36 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 07:17:56 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9211 23 KB
9 KB 42ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 316603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 10:25:48 GMT
expires: Wed, 12 Jul 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9211 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jul 2023 20:45:25 GMT

GET
H3 200 300x600_NH_D_AF_Savannah-Best-Age.jpg Show response
s0.2mdn.net/creatives/assets/2373736/ Frame 5393 24 KB
24 KB 51ms
50ms XHR
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2373736/300x600_NH_D_AF_Savannah-Best-Age.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8023fe892cbd3328341705e6612e08ea89e1e2395ae9e4a34bdcab7f68dec94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24994
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:00:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:37:31 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0D99 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4281:61aa:2c32:4233:52a7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925113&asId=32b965c3-fa6c-8f95-c7f3-972e500b4e9a&tv=%7Bc:iuCTJs,pingTime:-10,time:677,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1657938151758%7C%7C76f16dfa94a4f7930e610a8ce2707e52%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ca7aadbfa143b58007425c52577541ca6%7C%7C2ecf2549152481bb046ca8591fce4bd1%7C%7C563445316ced37b788d4ca3f78268803%7C%7C44053f500cca573bd8b7fc92515816f5%7C%7C08498bca5cdb2d305d52130e8803fefe%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61aa:2c32:4233:52a7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
BLOB 200
OK f9ce546b-7b96-4f6e-a29d-1dd134b50802
https://s0.2mdn.net/ Frame 5393 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://s0.2mdn.net/f9ce546b-7b96-4f6e-a29d-1dd134b50802
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8023fe892cbd3328341705e6612e08ea89e1e2395ae9e4a34bdcab7f68dec94

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 24994
Content-Type: image/jpeg

GET
H3 200 en_GB_imageanimation_NH_D_AF_Savannah-Best-Age_300x600.js Show response
s0.2mdn.net/creatives/assets/3199196/ Frame 5393 40 KB
23 KB 51ms
51ms XHR
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3199196/en_GB_imageanimation_NH_D_AF_Savannah-Best-Age_300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea7ec71f2e3b1f2017fc4581e0bbd10316de4f475c767d0c2ce5eccb2988db82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23657
x-xss-protection: 0
last-modified: Mon, 09 May 2022 13:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:37:31 GMT

GET
H/1.1 206
Partial Content v_216.kbps800.mp4
s-video.innovid.com/DCO/915882/1654702524334/media/ Frame 6327 12 KB
13 KB 127ms
42ms Media
video/mp4 104.90.105.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1654702524334/media/v_216.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.105.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-27.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 48cea86340e74a11edbcded780ed93b3a8b0d4578b7542a55e8a9ee034a578c6

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=851968-

Response headers

x-amz-version-id: _h2rmL8XkqEQtdnUXzpk5tbJ_D0Ko4QF
Last-Modified: Wed, 08 Jun 2022 17:03:18 GMT
Server: AmazonS3
x-amz-request-id: 232Q5Q1F7MZCRCG4
ETag: "a67210db73435e362935f6f2da3452e7"
Content-Type: video/mp4
Content-Range: bytes 851968-864645/864646
Date: Sat, 16 Jul 2022 02:22:31 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12678
x-amz-id-2: yl/x/40wccwmuXiZeYqt76phRtJxRrRVzsQ0b72oxv4YIIaLj56KkYKYDuxf2hr/QZeJSLEc13M=

GET
H3 200 js-animation_en_GB_imageanimation.js Show response
s0.2mdn.net/creatives/assets/3389262/ Frame 5393 75 KB
20 KB 43ms
43ms XHR
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3389262/js-animation_en_GB_imageanimation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/en_GB_polite.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17050711140528819064/index.html?e=69&leftOffset=0&topOffset=0&c=OgPat654P1&t=1&renderingType=2&ev=01_247
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 02:13:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20098
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:44:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Jul 2022 02:28:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9211 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bo1xt5yDSYp6yBcjRzQa67b9YAAAAADgB4AQC&bg=!d3SldDDNAAaYcLjmuHA7ACkAdvg8Wmf46-AKxzyKXxtczpgqVv3cSC3ZXIZ4zxaYXWPXgY8T62D80wIAAABXUgAAAAJoAQcKAEFVAqhyYLyEsB2bGKRKRKKZr8VB1ClwgYI62cvYuDE6NfOy1XSctFeISKL2mgaVgM4Zzu_7QYpfGVhs40G-LLA_gJkC2RrDsu4vhNDDTTumD7BYBR-rU6BipAf9Ya_ldcVj0SYZEYkfFGn6W30TotyBOGY_pOMs_cNYl998vtZPq0ajUuc4usuiH7AHTgIjKI7wU7OIRUjJ_t235M_xZvE8hGU1-DNUVBqDhRFvDworRsMYqxAKM3vHICiBQlaNZ40R2VesGBAMP2Mr_pGWGCcvKZc12OVXxwLLhe4ycyQyDEhlpNHfXi93zhIWMSz4QUuTkkb0E22FB6c4pVhTCm6ekT4V9BkdhNV17xiCiY236OpTA9XK1pFylaafxoANCm87ToJ-TfrP8_aD8H7teZgVfM6AvDJZ03fciFMD2dgiXgfXr6gBAJoGYZJaVdFHlPck58Rg6J8RZTtXVzoAMtuVgL9HnXy_qrUZIXthH3szsozUwGyqkTQrCaQ--_3S6TKKFHkTdJjmq8lFH12_wO6qT-83DT2CsDuwXYe2Ij4SRAqDESKzCWuDtA5BVu7qWAVp3xkt0DWxLsn8h4vaY5-AB1NlTZ5Ns2kBWoFFBnxmH4nFFYS8qm-gY-RMEKu89TEM70FOHlsQ1HJT7y91Evk9UdzJ5wv3v-6iOQdKnSFetpIUN_TH2eF1hSbaay8C1Uppi7b6xN0uEY2QuG3wr1kOo83i6j07UcJZHyAYufBBcQH2FQxGchBOnjZn-GhmMTTdMTAKVVJSPUEj1QvqNVnuGa9ifTKb6owb2FZsWE13Sax0TlHk0T5xQcY1O-tjOUahJnigEc1hjELO4YJiHy9bF0IDjkAfeBjH3ajqZW0iuMfm3uyXeDriww847VEY4wbHlsY3Xg5S8PA5crfa2D14Io2Se5Qn9pJw5ZjBsx4eyfpvQrgkkvNEA3UCIDumnoyW5SfBOkNVfoGw5t7FO_2bzqrl9UXjCD0nB-eBmrmIB9ZzmekA-zdCWCZpPL7-qBzQnWCE6lng65FYU7Luz1-JvOi7yJiMPi7VyK5P3Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NH_D_AF_Savannah-Best-Age;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIisCu9Kz8-AIVtd0RCB0lkAwlEAAYACDFlOdNQhMI6Z2Q9Kz8-AIVbuu7CB1ezQji;stragg=1;&timestamp=1657938151914;str=LH/NULL/391/amadeusBestPrice/ Frame 0D99 42 B
494 B 171ms
76ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIisCu9Kz8-AIVtd0RCB0lkAwlEAAYACDFlOdNQhMI6Z2Q9Kz8-AIVbuu7CB1ezQji;stragg=1;&timestamp=1657938151914;str=LH/NULL/391/amadeusBestPrice/NH_D_AF_Savannah-Best-Age;strtype=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content v_216.kbps800.mp4
s-video.innovid.com/DCO/915882/1654702524334/media/ Frame 6327 812 KB
813 KB 52ms
51ms Media
video/mp4 104.90.105.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-video.innovid.com/DCO/915882/1654702524334/media/v_216.kbps800.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.90.105.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-105-27.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8f9eb8c6252be15725cfd2b1e8cbf9d17fae9445ac775a4398cff4cbcd98837e

Request headers

Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=32768-

Response headers

x-amz-version-id: _h2rmL8XkqEQtdnUXzpk5tbJ_D0Ko4QF
Last-Modified: Wed, 08 Jun 2022 17:03:18 GMT
Server: AmazonS3
x-amz-request-id: 232Q5Q1F7MZCRCG4
ETag: "a67210db73435e362935f6f2da3452e7"
Content-Type: video/mp4
Content-Range: bytes 32768-864645/864646
Date: Sat, 16 Jul 2022 02:22:31 GMT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 831878
x-amz-id-2: yl/x/40wccwmuXiZeYqt76phRtJxRrRVzsQ0b72oxv4YIIaLj56KkYKYDuxf2hr/QZeJSLEc13M=

GET
DATA 200
OK truncated
/ Frame 5393 16 KB
16 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B9A 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuE8Faq8prr-B5vtTaeiAfPUlLjYC2mtst3UMrQHpmPLMou6aOydU5KhVLcYBAyH4n3fQJAruuzhwQcLeFx9V0EFblpaWhITI4xZJIuPNkUNH4cD-tmJb5w-nKx_McEWKAV76bFmdtiHlp-&sai=AMfl-YSXREcUveBHHAQ6ZXtEGY_V24bJEyiwhAYPZOs9VH-j7CslXgN5raOHn7CZf4ttdx80H8ddOnmdN-tTsezkI17gSiBP9_-3qnAFSUSsacWM8yoc0VJETSzk8CU&sig=Cg0ArKJSzJZ7PAq94SSaEAE&cid=CAASJORoTiErp1OkMHrG1VcBufcaJwsSqUg66d7bROehQg_8SEeHRw&id=lidar2&mcvt=1053&p=1020,80,1140,1060&mtos=1053,1053,1053,1053,1053&tos=1053,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2198103003&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657938150813&rpt=239&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 / Show response
graph.facebook.com/v2.2/ 202 B
617 B 185ms
61ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua

Requested by

Host: 1plus1.ua
URL: https://1plus1.ua/build/js/app.js?id=ff35a9d53833cf45c98e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1cc8020d98b5c52018e8dc2d506532cc31537332b01daaf46e4b393c6c5008f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1005853794
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: HJLy6xdYi16bwJTIEBjIsTJITi9EsPCcgax5cMGskF7hd09pB6y7jZoESWZFTOw1KFzLnqd1S36jeAruq6LJTQ==
x-fb-trace-id: E9WFkMYdCsl
date: Sat, 16 Jul 2022 02:22:32 GMT
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: AyJnAewa_eI_k6RV6_zGCY-
cache-control: no-store
facebook-api-version: v7.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 6327
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audien...
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audie...

43 B
294 B

277ms
38ms

Image
image/gif

2a05:d01c:1d8:8101:dca8:6c50:abca:109d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=play&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186
Protocol: H2
Server: 2a05:d01c:1d8:8101:dca8:6c50:abca:109d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=play&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186
cache-control: no-cache
content-length: 0
expires: -1

GET
H3 200 dc_oe=ChMI3sG49Kz8-AIVyGjTCh269g8LEAAYACCk-cZSQhMI6J2Q9Kz8-AIVbuu7CB1ezQji;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 6327 42 B
63 B 165ms
78ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3sG49Kz8-AIVyGjTCh269g8LEAAYACCk-cZSQhMI6J2Q9Kz8-AIVbuu7CB1ezQji;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D814000151%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1657938152154;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6327 42 B
64 B 54ms
51ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxfK85iDSYuiSGu7W7_UP3pqjkA6v8MGRaoS4s5nFEPAuEAEg_f-FI2C7hoCA0ArIAQWpAreNqP_56LM-qAMByAObBKoE2QFP0BospeWk0qtz9kv1OXxcfp3PATeWbvSIuYuJoHH_6gDmcIAPGlAqBox0Cnr16Ep1JstjjWydCS3gR52q1bozkO2sQ9fJrDqOupZ0MGlmrLBC3eutUoapzGeH2F7d20KvLuYI8_7yxitFpqKAmhnv9XulSJxUaf-ZCLIZKe5WX8ey8TxlB-YCNtDxiWOYve9AgF7EUxHUtWDdXTksfNuUwU-veap5T9iNzUT0tzY743YRpqLJ_DvayXv0YOZbgj5y0qzxunM4XyaJ9-wU11HsBmaqg48L3mxNwATy4sTciATgBAOQBgGgBnmAB4O0mW2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE96U7Q_QEwDYEwOIFAfYFAHQFQH4FgGAFwE&sigh=mF1fB2eZojs&label=part2viewed&ad_mt=5&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D814000151%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1657938152154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
ag.innovid.com/ Frame 6327
Redirect Chain

https://s.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audien...
https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audie...

43 B
295 B

276ms
37ms

Image
image/gif

2a05:d01c:1d8:8101:dca8:6c50:abca:109d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=init&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186
Protocol: H2
Server: 2a05:d01c:1d8:8101:dca8:6c50:abca:109d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
server: nginx
content-type: text/plain
location: https://ag.innovid.com/1x1.gif?project_hash=1gt6if&client_id=6995&video_id=915882&channel_id=2927448&publisher_id=4847&placement_tag_id=0&project_state=2&r=1657938151548&placement_hash=16dgfe&audience_id=30320343&action=init&version_id=216&session_id=39dd10605c4df903984ff064336baf733cf2d4c4&ivc_exdata=ivc_adstxt_domain%3Dgoogle.com%26ivc_adstxt_publisher%3Dpub-9138247653754533%26ivc_appid%3D%26ivc_campaignid%3D17275924504%26ivc_creativeid%3D430148999%26ivc_orderid%3D28362746%26ivc_dealid%3D%26ivc_publisherid%3D1%26ivc_site%3D15111889383%26ivc_dsp%3Ddv360%26ivc_dbmtoken%3DAD1EzRQAAABmCl4KDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhEImODmrUCoAu3NcrAC-o_DDUAB0gIqGAAiEwjonZD0rPz4AhVu67sIHV7NCOIoATABOIS4s5nFEEACSAFYmIQgEIebjs0Bi0ZV4yOFyglXXWNt3UytEw%26iv_f%3Dp%26audience_id%3D30320343%26version_id%3D216%26iv_geo_dma%3D%26iv_geo_country%3DGB%26iv_geo_city%3DManchester%26iv_geo_state%3DMAN%26iv_geo_zip%3DM32%26iv_geo_lat%3D53.4507%26iv_geo_lon%3D-2.3186
cache-control: no-cache
content-length: 0
expires: -1

GET
H2 200 uuid
rtr.innovid.com/placement/16dgfe/ Frame 6327 0
226 B 44ms
40ms Image
text/plain 2a05:d01c:1d8:8100:169e:15cb:462f:8154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtr.innovid.com/placement/16dgfe/uuid?cb=c5137464-31bd-b7bf-4afc-3bfc4baebdea
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:169e:15cb:462f:8154 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
cache-control: no-cache
content-length: 0
request-time: 0
expires: -1

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6327 0
27 B 90ms
87ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUPzbibHu6N84l-TZ7vsxQQULThN6Ujh9yrGXugHvXxQIcZ8Eto8mMZ2lrfsZKGFtN5Ta4mH212Y4JyJMCFh1nF3wzEF51Uc0Am9nxP4Ya6SWRDqKU9O0XVwyX_KJ5dDH2EYFDlS7bvV5JbUCOFhLtLSXfg-5i9UWf6gAaWvYaJ-1T6HO4WNIT1XtsoPK36pQAhgFb5kXj12aEjHvqk_J7GPitcqlp3pCeJOq_Srqpw8wJomTj6TUB_kxvdAblNu9eDeBwjoIiQ_4MNMXfRWrBLpeNQKSavScGKAxDsUKYwsZ74_KPvy_UHQembLExtc9fngqeHA4mNUshkOlrBISQvEJlFxhTNp9jJIfXIQqsHD1dgqctf3fQANbgK5WENSKu6wVJlsX2zskmXUR1AluPq3ccOTWyRFBt53cxLteaUkFXCsmm223ASGpYqCH4klXT4JCHb3usZl8nFMv6OQoSStBPXs0HS-JLXwEXsNkCDPkbuwsV1Qk-Afa9DsN3gqaEvXojUQv3ZZIeVFVxGHW1FQetYCoOGZNoVsws9uAhLKeJFQ6J-exH1Q-fTAngyGDMBkwbaleVvHRymEmochIqVnqll9mKqltnHlmG34XR_6ZjQWwfu9JbEJHW7ZN0uIDSjrc3For8a9d0FJZ789TRp2AXyR6m_jKXfdBlOyINQggM7-6TzOwLUfjBhLcAf9FfVd0X2ROA4gOImo2jNv4Ej_Ig8Rjh6UcbmnWymPJ8JzopZZx3lr1mqpQ9UNdd98J18TsprfiVYcrxiwyAyCxYN-sHgaoipd0mjLJVlA9CO4yLwg0prU9AWLqycRFLyIibbNo4x_IyHiv7hyKWtVcbpvH5G_ginFx0Bme4rmDnoTRqzu_1ftWMLCKnOf_1vI_gWk2gv--GgFQbSRyI6-Dfnu2Sn-yXvi9dB09gaXdOVwjeshZxEM8zoUQpYjRp1KStss5tJx_nfsBV20nqtOT4LmiiDvpNof3DhOhcExKTAYB1sOQis5E0oaJrdRmPWtoz7c_6aZRLQCR9kZCHg6c_VP61czA5M53Wj8AgdiHpiO2OoYcBobtyE-yzA4XEm2HxI5erUOdM9Cza69QPxa4mxjVwAnY__9bWyEUf1i18_T8&sai=AMfl-YQ87XeQNL_eBM89rVtdALgFUeWYPRzwRpmjRPo-w32VnozNCKH6UaEiBzP2R_qQ72DNOkP7jj5lMI7n_h6FKC3bsuj5RItMOSnKP5okVF6UxeQRoW4XdCKLiQgM3zjIlnd77ZfNmb5KK8Frvhsei3t3P4u8-Dy2-2GWFbQbZp0It2lbCObPOT6uSb52Lm2qPQ2WULXgo0SJ7KeJPn5Dpw&sig=Cg0ArKJSzMMfhhX6b6GQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 16 Jul 2022 02:22:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 6327 0
0 55ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM7sbhDtzXIYh5uOzQEgATAB&v=APEucNWudGBKZ56k_k01YsfM5VveMsZKuGiXGOIY4dM3ml2Wb1mV-FrwuQuuxeIPUWZDH24Ybgh969gC0w5odmv0KzYVD3zXHw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6327 0
20 B 77ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI3sG49Kz8-AIVyGjTCh269g8LEAAYACCk-cZSQhMI6J2Q9Kz8-AIVbuu7CB1ezQji;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 6327 42 B
63 B 166ms
80ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3sG49Kz8-AIVyGjTCh269g8LEAAYACCk-cZSQhMI6J2Q9Kz8-AIVbuu7CB1ezQji;met=1;acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D814000151%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1657938152154;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6327 42 B
64 B 80ms
78ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty3bhd6tERQry4hVb0uPvp7cjNwySfIKQWCL6WBvpRHPofsjolkzQWSIDFwitB-1R55UvF1pFbINxTp2UgVNvkNw53vdVkeADP30Mc8fok9Sbtzm7AzlvLCxwMkbvzSMQ&sai=AMfl-YSsc5sJhmNZHeKj40k-Twt9p9fXt0YznwKVRnZ_btnGByTz0TPp-1TP8v9kS8cp7VzlLBj_B7a1GCLsL52OVTSeNNiCtlnI0OM0xxr8Psc21Az4yNrZNuldoPA&sig=Cg0ArKJSzISU82NsZqv8EAE&cid=CAASJORoCah9eg6fXubMjlD-cfMOk_f4VlnnP2nzxI5BaGUR8VRkJQ&id=lidarv&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D814000151%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1657938152154&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6327 42 B
64 B 55ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxfK85iDSYuiSGu7W7_UP3pqjkA6v8MGRaoS4s5nFEPAuEAEg_f-FI2C7hoCA0ArIAQWpAreNqP_56LM-qAMByAObBKoE2QFP0BospeWk0qtz9kv1OXxcfp3PATeWbvSIuYuJoHH_6gDmcIAPGlAqBox0Cnr16Ep1JstjjWydCS3gR52q1bozkO2sQ9fJrDqOupZ0MGlmrLBC3eutUoapzGeH2F7d20KvLuYI8_7yxitFpqKAmhnv9XulSJxUaf-ZCLIZKe5WX8ey8TxlB-YCNtDxiWOYve9AgF7EUxHUtWDdXTksfNuUwU-veap5T9iNzUT0tzY743YRpqLJ_DvayXv0YOZbgj5y0qzxunM4XyaJ9-wU11HsBmaqg48L3mxNwATy4sTciATgBAOQBgGgBnmAB4O0mW2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHgCwGADAGwE96U7Q_QEwDYEwOIFAfYFAHQFQH4FgGAFwE&sigh=mF1fB2eZojs&label=vast_creativeview&ad_mt=5&acvw=sv%3D929%26v%3D20220627%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D13000%26vmtime%3D5%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D814000151%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1657938152154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6327 0
17 B 179ms
177ms Ping
image/gif 2607:f8b0:4005:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l5n9kh43&c=5553670833757&slotId=2776835416878.5&qqid=COidkPSs_PgCFW7ruwgdXs0I4g&fb=outstream-lima&gpm_i=3&gpm_c=3&gpm_a=3&smb=1000&br=800&mt=video%2Fmp4&vs=640x360&dm=13000&event_name=first_play&asset_bytes=188268&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ex~videopreviewstarted.1ey
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4005:814::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 75ms
75ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 16 Jul 2022 02:22:33 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 75ms
75ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=8CEAFDC712AC4DC6A1CB600302E32C24&time=1657938153201&location=https%3A%2F%2F1plus1.ua%2F&referrer=&is_flash=0&session_id=82364937&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=inline_cm&param1=~cm_timer~&param2=5&param3=1200&param4=2676&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 16 Jul 2022 02:22:33 GMT
server: nginx/1.18.0
content-length: 36
content-type: application/json

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=XpEnlHxpTHlpNDkyTFZwUzJIOTJCTFhhdHYrQjVRZDFCZUpXSzFDK1BieGZaTkNUVS9yakVkTys0SmI2YzgvZlQzY0xGbmdZR1FhNnIyZnJWWmR5L1FZVThLbENOeGpPbWlGR2FlZUN1NE13b2hNcmNqR1ZkMS8zcVVnR0...

414 B
663 B

38ms
38ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XpEnlHxpTHlpNDkyTFZwUzJIOTJCTFhhdHYrQjVRZDFCZUpXSzFDK1BieGZaTkNUVS9yakVkTys0SmI2YzgvZlQzY0xGbmdZR1FhNnIyZnJWWmR5L1FZVThLbENOeGpPbWlGR2FlZUN1NE13b2hNcmNqR1ZkMS8zcVVnR0Z3bS9tZ2tRaHBIdGlJaDhuUktYSmFsaEEzcXd1c2hhcXpLZUs3U1E4UUJ5R0k1c3M2YktudmVjczR5L201Z3IvdWVzeEl4a0pXVUJwcFUvMXFualV5VHl1QnZmbmNjTm1zOGE5OFE2cVV6TitReVdvbzZXMXBKeGhLZVlqZzRHNnJPbnpKVm51YXdnSlMrZkIzSkU4L1VGdlh5S1krdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f460fd410e3756d5f3759f594033d9ea87ee8897d188eba8c1333874774587f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1plus1.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:33 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3863
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 16 Jul 2022 02:22:32 GMT
location: https://mug.criteo.com/sid?cpp=XpEnlHxpTHlpNDkyTFZwUzJIOTJCTFhhdHYrQjVRZDFCZUpXSzFDK1BieGZaTkNUVS9yakVkTys0SmI2YzgvZlQzY0xGbmdZR1FhNnIyZnJWWmR5L1FZVThLbENOeGpPbWlGR2FlZUN1NE13b2hNcmNqR1ZkMS8zcVVnR0Z3bS9tZ2tRaHBIdGlJaDhuUktYSmFsaEEzcXd1c2hhcXpLZUs3U1E4UUJ5R0k1c3M2YktudmVjczR5L201Z3IvdWVzeEl4a0pXVUJwcFUvMXFualV5VHl1QnZmbmNjTm1zOGE5OFE2cVV6TitReVdvbzZXMXBKeGhLZVlqZzRHNnJPbnpKVm51YXdnSlMrZkIzSkU4L1VGdlh5S1krdz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1467
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
616 B 141ms
45ms XHR
application/json 141.95.98.71

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19189/hb_298309_4139.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.71 -, , ASN (),

Reverse DNS

Software

Resource Hash

59bbd22a762ea296ff5296fb57cf626cbf20a1999bfb48a7811c9081d97661b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://1plus1.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://1plus1.ua
date: Sat, 16 Jul 2022 02:22:32 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 182ms
70ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F1plus1.ua%2F&domain=1plus1.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://1plus1.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://1plus1.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 16 Jul 2022 02:22:32 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1601
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 108ms
36ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 16 Jul 2022 02:22:33 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1819
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/_1657938149152/redot.gif?l=107&vis=1&fpdata=-UNLOAD&lsdata=1v4aCtG6nsQi4Cp2QEuNbCeuAswFeJJjzRKyGdCvKDv.T7S.Cu9Q7J5ix3LbuctipIDK2wkpUL5unIPbcypwMPwweEGh/_1xY0rAjSEs99/&ltime=76&id=ByA1NmOpnbt8LmYqyjQkWrd8.l0YgocyqLXiHjiJayv.h7&et=data&hsrc=3&extra=_EC%3Dstreamcontent%7C_SPI%3D1657938149784%7C_SP%3DE2fzXbha%7C_SPD%3D1plus1.ua%7C_SPV%3D100%7C_SPR%3D665x400%7C_SC%3DE2fzXbha%7CcurrentDomain%3D1plus1.ua%7CcurrentNetwork%3Dhome%7CprojectID%3D128902%7C_SCV%3D100%7Cmute%3Dfalse%7C_SCR%3D665x400%7C_SCT%3DStarodavni%20tradiciyi%20guculivsirovariv%20ta%20sekreti%20virobnictva%20karpatskih%20tverdih%20siriv%7CvideoType%3D3%7CUserType%3DNotAuthorized%7CCategory%3DENT_AVT_1P1%7C_SCD%3D3189%7C_SCTE%3DVideo%7C_SCPD%3D20210612%7C_SCTY%3D1%2F00%7CcontentType%3Dfun%7C_SCTT%3D1&eventid=0&fr=3&tz=0&fv=-&href=https%3A%2F%2F1plus1.video%2Fvideo%2Fembed%2FE2fzXbha%3Fl%3Dua&ref=https%3A%2F%2F1plus1.ua%2F&screen=1600x1200r1000&col=24&window=665x400

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.521.0_uk.html

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/instream/video/client.js

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1plus1.ua/	1969-12-31 23:59:59	Name: Value: store.test
.1plus1.video/	1970-01-20 22:03:30	Name: _opov_sid_ Value: 5p6qhbce41mu2vhj4tpihrljv7
1plus1.ua/	1970-01-21 06:49:06	Name: _opov_hid_l Value: 9231c108-3ff9-5c9b-ae6b-d1416c0a7b99
.1plus1.ua/	1970-01-20 22:03:33	Name: _opov_sid_ Value: 5p6qhbce41mu2vhj4tpihrljv7
1plus1.ua/	1970-01-20 13:58:13	Name: _pk_id.2.1c86 Value: 76671aaf7d51d7a7.1657938148.1.1657938148.1657938148.
1plus1.ua/	1970-01-20 04:32:19	Name: _pk_ses.2.1c86 Value: *
.1plus1.ua/	1970-01-20 22:03:30	Name: _ga Value: GA1.2.836394917.1657938148
.1plus1.ua/	1970-01-20 04:33:44	Name: _gid Value: GA1.2.928627624.1657938148
.1plus1.ua/	1970-01-20 04:32:18	Name: _gat_UA-22507043-9 Value: 1
.1plus1.ua/	1970-01-20 04:32:18	Name: _gat_UA-113262294-1 Value: 1
.1plus1.ua/	1970-01-20 13:17:54	Name: _hjSessionUser_1437498 Value: eyJpZCI6IjJhMDA3NjJlLTU3Y2QtNTQ4OS04YWExLTFmN2QwMDdjMGU2MyIsImNyZWF0ZWQiOjE2NTc5MzgxNDgxMTIsImV4aXN0aW5nIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 04:32:19	Name: _hjFirstSeen Value: 1
1plus1.ua/	1970-01-20 04:32:18	Name: _hjIncludedInSessionSample Value: 0
.1plus1.ua/	1970-01-20 04:32:19	Name: _hjSession_1437498 Value: eyJpZCI6ImU5MGY5YWE5LWY3YTItNGZhYS1hZDQzLTBmNGE5ZWVlZTZhOCIsImNyZWF0ZWQiOjE2NTc5MzgxNDgxMzYsImluU2FtcGxlIjpmYWxzZX0=
.1plus1.ua/	1970-01-20 04:32:19	Name: _hjAbsoluteSessionInProgress Value: 0
.1plus1.ua/	1970-01-20 14:01:06	Name: __gfp_64b Value: g4HFa6qCliwpL45qpra7sFKcS0U2FSlAAKNn8p_M_mP.O7\|1657938147
a4p.adpartner.pro/	1970-01-20 05:58:42	Name: apuid Value: ad8d0522-0429-4bb8-a21a-84de21f29652
1plus1.ua/	1970-01-20 05:15:30	Name: _pbjs_userid_consent_data Value: 2024371239917068
.1plus1.ua/	1970-01-20 13:17:54	Name: _pubcid Value: ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55
.prebid.a-mo.net/	1970-01-20 13:17:54	Name: __amc Value: 1_1657938148_1657938148
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.admixer.net/	1970-01-20 06:41:54	Name: am-uid Value: cfd4ebefcf564c96a73262a16241584c
.facebook.com/	1970-01-20 06:41:54	Name: fr Value: 0UQ1iFAQZWUEvCICN..Bi0iDk...1.0.Bi0iDk.
.e-planning.net/	1970-01-22 17:51:30	Name: E Value: AFqgu5dUysewdUfX
.openx.net/	1970-01-20 13:17:54	Name: i Value: ea6f2ca3-6c8c-491a-ac7b-81c32dea6e55\|1657938148
.doubleclick.net/	1970-01-20 13:53:54	Name: IDE Value: AHWqTUkSJU_crwGYUPa68LBRD6n3Rv-qPAF0HXg6gTbFecW8NdlK8Ze2GTTm9K50I7E
.1plus1.ua/	1970-01-20 13:53:54	Name: __gads Value: ID=743aeeee4a031cbe:T=1657938148:S=ALNI_MYCE_UIgAlnq_4DSHAUDdAdLG4SiA
.adnxs.com/	1970-01-20 06:41:54	Name: icu Value: ChgI4axaEAoYASABKAEw5MHIlgY4AUABSAEQ5MHIlgYYAA..
.adnxs.com/	1970-01-20 06:41:54	Name: uuid2 Value: 4726839337623585090
.ads.adnuntius.delivery/	1970-01-20 05:15:30	Name: usi Value: lws1!adnfp65b6e64d67e46fa8
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 85ef9f53818ec545c19d6963208f13a5
.ads.adnuntius.delivery/	1970-01-20 04:44:54	Name: i Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:44:54	Name: r Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:44:54	Name: s Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:44:54	Name: v Value: 0AAAAAQAA
.ads.adnuntius.delivery/	1970-01-20 04:44:54	Name: c Value: 0AAAAAQAA
.rubiconproject.com/	1970-01-20 13:17:54	Name: khaos Value: L5N9KEVR-24-6CHZ
.rubiconproject.com/	1970-01-20 13:17:54	Name: audit Value: 1\|SDziDG3X/Egb1AK2NTZZD1qbBgMWySGKoH1GQZR6kui8sl0V5U9bPvLY4nygvoOTfr2w3YCIInLgcRgjl6EitdZeyV7KzLVX3OlDu/ORdD8=
.adtelligent.com/	1970-01-20 06:01:34	Name: vmuid Value: 05d216d9260e7e87
.adtelligent.com/	1970-01-20 06:01:34	Name: a307558 Value: ad8d0522-0429-4bb8-a21a-84de21f29652
.mathtag.com/	1970-01-20 13:58:13	Name: uuid Value: de8d62d2-20e5-4e00-91f9-7a4b484a0ede
.quantserve.com/	1970-01-20 06:41:54	Name: d Value: EG4BCQHQJoEA
.quantserve.com/	1970-01-20 14:02:32	Name: mc Value: 62d220e5-22c81-2fa9a-9faec
.simpli.fi/	1970-01-20 13:19:20	Name: suid Value: 9329591B23704CC088FB1714D6430DFA
.everesttech.net/	1970-01-20 13:17:54	Name: everest_g_v2 Value: g_surferid~YtIg5QAQdjFhmAAj
1plus1.video/	1970-01-21 06:49:06	Name: _opov_hid_l Value: 55663f89-3404-52fc-98f8-ed38abd26ae0
.hit.gemius.pl/	1970-01-20 14:01:06	Name: Gdyn Value: KlGTzRMGQMQG0eG9nQaP8goissGMA19oL6nxmG7MmenMbeaiGsRP0QlGvGQp0Fg8SsGT8SpGDlnaxFYhERSG
.criteo.com/	1970-01-20 13:53:54	Name: uid Value: 8f89832f-beef-4fee-99fe-639a0c0ae8b6
.1plus1.ua/	1970-01-20 13:53:54	Name: cto_bundle Value: cMGCTl9DcHhQZk9EajlRUFpSOEdaemx5bDYyM2d3V1I1cWs0MXFvQSUyQmN3cnJJSlZkbnA4eGpLdEg5YThkWHRJaXlkMXQyQjh5VHBDY1RNYWhlbHJPZWxrU2RrY0RTTW9XNHR2SUJOM3Q2UGI4WVNXbHYlMkZHJTJGaDV2QVZQZkdDUkpxSDVQVmhaaUVaekxXMiUyQjZjeVpmSjlVVjFYQSUzRCUzRA
.adnxs.com/	1970-01-20 06:41:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?(L2e!O!@wnfH8K6pQK`!5=E<L5?%K31.cNy68mY>ce^=mm)^7j3NZH/:/`r[)D^W_bpRzqF1`b^0c)tn:t
.casalemedia.com/	1970-01-20 13:17:54	Name: CMID Value: YtIg5zvPCuDTTcfGEKs4PAAA
.casalemedia.com/	1970-01-20 06:41:54	Name: CMPS Value: 4536
.casalemedia.com/	1970-01-20 06:41:54	Name: CMPRO Value: 4536
.adfarm1.adition.com/	1970-01-20 06:41:54	Name: UserID1 Value: 7120790137337739405
.mathtag.com/	1970-01-20 05:15:30	Name: mt_mop Value: 4:1657938151
.yahoo.com/	1970-01-20 13:18:15	Name: A3 Value: d=AQABBOcg0mICEJKbcLP5gJps-xO0Cfxtv7QFEgEBAQFy02LcYgAAAAAA_eMAAA&S=AQAAApFptB3xKiwyBBan1AOUvas
.adform.net/	1970-01-20 05:16:56	Name: C Value: 1
.1rx.io/	1970-01-20 13:17:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e7c81291-e87d-45a4-a5db-15f6e11d4821-003%22%7D
.adform.net/	1970-01-20 05:58:42	Name: uid Value: 3122090026062342226
.turn.com/	1970-01-20 08:51:30	Name: uid Value: 4364469291361850565
.casalemedia.com/	1970-01-20 06:41:54	Name: CMTS Value: 4380
.targeting.unrulymedia.com/	1970-01-20 13:17:54	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e7c81291-e87d-45a4-a5db-15f6e11d4821-003%22%7D
m.exactag.com/	1970-01-20 06:41:54	Name: exactag_new_gk Value: 7be4642574bd42d2a8df4f7035ea1c9d%7c14.09.2022+02%3a22%3a29
m.exactag.com/	1970-01-20 08:51:30	Name: exactag_new_uk Value: 4d60aac417dd4279a21b4f6b9d6ac9d7%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: a9dd594064264160b9aeddac
.bidswitch.net/	1970-01-20 13:17:54	Name: tuuid Value: 3ed6be88-4221-4545-9aad-0617aa54bb7a
.bidswitch.net/	1970-01-20 13:17:54	Name: c Value: 1657938151
.bidswitch.net/	1970-01-20 13:17:54	Name: tuuid_lu Value: 1657938151
.rfihub.com/	1970-01-20 13:53:54	Name: eud Value: H4sIAAAAAAAAAFvFwmtoZmpuaWxhaGpobmwGAD0dfHoQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDQysTS2MDCxMBfiM9RN8_IMK06xTAkyS7UEAFFfO6slAAAA
.rfihub.com/	1970-01-20 13:53:54	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDQysTS2MDCxMBfiM9RN8_IMK06xTAkyS7UEAFFfO6slAAAA
.innovid.com/	1970-01-20 06:41:54	Name: uuid Value: 1e91a510-80f2-4cf8-8fe2-aaad8b77e500-20220715 22:22:31

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://1plus1.ua/(Line 2074) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://1plus1.ua').
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://1plus1.ua').
network	error	URL: https://graph.facebook.com/v2.2/?fields=og_object{engagement}&id=https://1plus1.uahttps://1plus1.video/video/embed/E2fzXbha?l=ua Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://pa.tns-ua.com/viewability/cm.html(Line 25) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://1plus1.ua').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1plus1.ua
1plus1.video
50bab965b1f9ec81d96fa3a63d916744.safeframe.googlesyndication.com
a4p.adpartner.pro
ad.turn.com
ade.googlesyndication.com
ads.adnuntius.delivery
adservice.google.co.uk
adservice.google.com
adtelligent-d.openx.net
ag.innovid.com
api.1plus1.video
assay.1plus1.ua
bid.g.doubleclick.net
bidder.criteo.com
c1.adform.net
cdn.admixer.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
images.1plus1.ua
images.1plus1.video
imasdk.googleapis.com
inv-nets.admixer.net
ls.hit.gemius.pl
m.exactag.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
player.adtelligent.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.turn.com
rtb.openx.net
rtr.innovid.com
s-video.innovid.com
s.innovid.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
source.mmi.bemobile.ua
ssbsync.smartadserver.com
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.mathtag.com
sync.pubwise.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
gaua.hit.gemius.pl
hbopenbid.pubmatic.com
imasdk.googleapis.com
s0.2mdn.net
104.18.18.126
104.90.105.115
104.90.105.27
108.177.15.157
141.95.98.71
142.250.185.130
142.250.186.130
145.239.237.56
146.0.227.110
146.59.10.80
147.75.198.217
147.75.85.234
151.101.130.49
159.122.14.34
172.217.18.2
178.250.0.157
178.250.2.131
18.66.139.84
18.66.97.10
185.184.8.90
185.255.84.150
185.29.134.248
185.64.190.78
185.86.137.122
193.0.160.128
194.247.175.23
194.247.175.26
195.137.240.100
195.137.240.108
195.137.240.12
195.137.240.21
195.137.240.88
2001:4860:4802:38::178
2001:678:cb4:bbbb::11
213.19.147.44
216.58.212.162
2600:1f18:1aca:4281:61aa:2c32:4233:52a7
2600:9000:223f:1600:8:48e:53c0:93a1
2602:803:c003:200::51
2606:4700:3030::6815:5525
2607:f8b0:4005:814::2003
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2002
2a00:1450:4001:803::2006
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9b
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:12::1370
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3605:ceb0:a2e8:d44c:f538
2a05:d01c:1d8:8100:169e:15cb:462f:8154
2a05:d01c:1d8:8101:dca8:6c50:abca:109d
2a05:d01c:1d8:8102:9602:fd0d:b77b:851e
2a0c:5c81:5142::2
35.227.252.103
35.244.159.8
37.157.4.25
37.252.173.215
45.133.44.3
46.249.52.248
51.38.120.206
51.83.220.94
52.222.236.122
52.29.193.101
52.51.170.224
62.149.0.72
66.155.71.25
85.114.159.93
85.14.248.91
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04027cdf264306048b3a831567cfdc1767f5b4aac179a2cc302971819bb6fccc
04cd4fc06fa51c7b25eb07d55678070f8c4afce2c795efc506f56fbeedcb5eee
068ad721456309f6489020d0e40edfdbca01168f8c37152d9c7bed8125cb8497
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
077d73098105bcba9714d377c5495dea5c6ae260c9fd1cb21f79b9efd8707d94
08e819e60be247e943e3f4c3fddf82ce1160b8c68037e0331806a68bd814e632
0990a71f0b3cb5ce0ad9c0848fdeff8ab463a7efa2ede2366046ad42ad682328
0a020c62f8fd598e3213ebb678717344f4870bdf0c29f58cdbeac4234f4bc546
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89
0f928b2d352c19a2ee92bef4966d9bbcbd73894d3fea60f128579c1790f94950
0fb1468e01fc61820e905556d9a6bfd354404ea647b17db099f5913efa77658a
0fc2fc5d88d357fa83957e664039e6a19588081e55a215d8d077eed82d43beba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1148cea90d831ff802c5113203371d2bbec7fe86d0f64c819c986891a21889c7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
142df9a221a555d9b282174a8b66fdeeaeb33e23fbe5e8eb4ada06ce25851b3c
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
16aec55d227d15b95ca9a2297e928565f7563468e81b0f92cfaff43c2aede381
176cec0c0610df2346dd22066f273900fa263f1071814b001d07ffbd654b9eda
18490029527d0166564d08d77d15347f5c7604cb916606860eb0bf458565ba9f
1a1cbd003f02f0c1712e6de047260a8897034a6966acd5cccf3472fd1637ffb3
1bc4309a869cde21cc30a3f1bcf0054598f38e2e3302f5918ada4ab71abed0fc
1bdd42a8be0dcd6021774c2e0a0f6b8275bad01f6a8c552017efebc24a6a0373
1cc8020d98b5c52018e8dc2d506532cc31537332b01daaf46e4b393c6c5008f2
1cdfcce6b6f3ae6c87c8a77ca49086cf6cfa8f325851cb0ce08ecf647368d390
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ebf61ba37ace596f6836cb88dd3021af226b5399779bae28fe12ed6e039b465
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f91f5ec38f54d6fb2ddaeb53ef0b8b6e1d9bd2db00b5f3ce5ac10856160d8de
20d2d99d78d7e35b98435a64ae5a754217afbc9745bfea2e877911c18a6b7cd7
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
2314da4607398a6481be7b838cabed671605b3706f882c5435b677adfe8734b7
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
23845140980bbddcdaf3e0af4346535e9111acc4ee4381e21ad1e4b3398e6c49
23f331359de0e845064fa1129d6ed9475df6239845db5d2a1dd6f31699900473
257a1ff5096a40aae5ad9be238eaf0e7218dc7a0c274bf0e5962a9c4117d31b8
27ab148b12f4e75ed2c3e8a4da9883cd1e9366ad862b8623b06931e9a6f48c50
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b229fa865eb106077d1b9911b836203ccb3f38a234b07b4f5a7254b6274ae54
2b7f68582252a22f529528a5bcd334c5d727a7e972d2808677aaee4a4ba20259
2cb0ec77d4a1357c426f57e0902f8e2dca5ba6c33937990a15be829288d4823e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
308d1c3bbfac1ba84cd0b5d0aac40cdd95e130bbe817813b796c71afb7e2e6ba
31031d8e89cb1b7397456fc89cd2b0e0890205aa3adb579aa6eb9102de92de91
319a3b588cf5be1f43cee5597080357d7c8a82a8c9e3291fd2e2c5b970baa3f1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3414b58bed1def0f8a1f6eb4d0a00aefe269558f7c83e4991514f7557906d5d8
3429242792bca181adf72270f1e3f7dfa931e684c12d1295df5a14867cc50446
3439c344f5171b95ef402e9a2188fad228146a9d99cd9b129180904268faf1dc
39e7ad46d37215dc1a92b8cb054787467e232ecf8963952d9558aa598e7f7c45
3a8c4a370d100b654183a9d9139a74ddc57e4f8ab79eac4a68808df1411d5671
3a9986123f85baf58020eb48713941ec749aae9e64147f64ac637088294b4e42
3ab326af9dc6c82a2117248f99b169c68e64ef429ca3cfb75ddf9aa81e07c3a4
3b0464081ea585a89a02303644ebb231f4cbf5ce95d349a3fcd277b15acbe9f6
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d12474efe350378c34e9b349972f824af7ef2d49335b174638d6e104880a35d
3dac64a94fcc4eae3c54f1f12824e9b82bebbec1acb3cb8b908f4ecc1f90e578
3e85d2ef5d5a896cb9d1d50537ddbfc37b3f3ae1f051a165a48ed4bed05a7dba
3f75a7301544fdaaf94086082b8b62b9f9ce4dcfae60ba07cb025f62b7e6eb2f
3fdf445b8cfc96cac2dc15cf848136734465e421404c4af45aa2edf8aac271e1
414ed1b56ea4fd76dc0d3178f562b0f3419520913ae42052d99509097c06e174
4278c7c1497524cc5ed603a391f335486caca0a63e8b097f1dc8f6e3e87a76ac
4596b3d166f6e8609c22c2c710e14944bf6dfdf65b6eb8f8e3106628d390385a
46cd96d21285100a19a2758aa24249788de9eb7fcabda220aea863c03cbfa792
474612c771ed61dcbefc6cbf06bb7f91ab2e583ecb4bd6eb17877bd3748a4f1b
4838f1e1e47c4f4d278446b6f8cc63bef633e46d32a20d7d1489fc81788b2035
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c780f7e651b6071883d1dbf7a21e38f4b9e9250335487cc846abc0b4cff053
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48cea86340e74a11edbcded780ed93b3a8b0d4578b7542a55e8a9ee034a578c6
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
4a1ad78b6964024fc4acd3091a5aeea0c137020c0f054868abb060db0c3847f0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2ce8d360f61186e0ba56478c0bc8e848e2ad5958fd08900e13bb0981541a64
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dfc0827d50b5a140e70520be9dc20b22bcf433fe5e3128075714092e55e00fc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511fd6c628a19c3fdc4040b78e3c6214780fca54b1c07e863ec9bc8dba031c24
517d4417f1918881abb8b87e7be918ca95b9eb50de3a5ef4a46e2e39626aba7b
51a08135537c93d4958a2101bb558ac7110f108e420fbec93f77623ddcd606e2
51d7b1889eb4cbab86a7effb15366991ecf65f7e526c15c2c49c1db37e9b05c5
53af3da5173c66ad4df6e6fcec17453161af02ec5012ee34863b759abda694c7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5592dbfa89130d94ececbedcaf5d1d9929a20b0c097471932e0a157ecbfd5cd7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59bbd22a762ea296ff5296fb57cf626cbf20a1999bfb48a7811c9081d97661b7
5a4bf6765c70fc79d4a77d75bbd839f0054209a82412b838a05b070141ef0889
5c037e3edf7471e0100f03c97f08d353cdc548781316c267214452824e4b9ac4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f9ecc527406b9b72bc3a9f4527892dcf842584b7e6aeb7ce816a4c7c8803954
6030223b5a0f8cb565b817fed301a66ff90780dd7c180bc73cb1ae921d871a9b
60fc51ea46895093c19dc65da65fd9364ab45da67a07374ffcb264c5cdcb4975
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
623b8ed926c2eb6436ec5a876949f4986eea52ccb69a6a0064164dd9d6361179
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67318e1c9ea0047b035276d21690ea657f781686c5fb857f4f80ba1084ea3671
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
689b332aedec7ced489f493af8655ec9a122b75d0d48d9581637f019a55d6649
6927c24b0af36e882d5042b98d4a3565048a436e64c3ddcd5baf4e072a542f68
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f84409399c119fe995560cadb0b1bda6c311eabcf91917fd5a2a34930f4543f
6fedefcd6ee8f007e59f1845351b3031d6366a6d6600896decd20b7762bb0e72
714576ef1d7b58980b7658ae9b8b4d74a223fba87934dc442db4098873e179a3
727d017565f60a77f88f8753c1b297bb752bd86fae73e89ae9cff404d5de1902
72a734555c9c733033852c05263879fa2d9fab4adbc63df71a4acad880b9fa59
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
77639b450a3179e657341017374b6b46eaa79cf1e02cd816c53feb97db03bf6c
78f41a9fa63f80a45ca282d8a5d85cbe5feaaaa73260e59f7f76093aa7f207d2
792972a6b7f330144c0cf22b9c63f8efaff4665dfb2b43868d0cbbaff721d100
79fedb60d990f49ddc96ec710f7105bf86ea8e3e8478b307e855e80d7ff85305
7a27f41b89121812af5d5e0970bc3f6c861170d0c6260731c1e485170f5feb6e
7bb41cb01e8d4beee575e8407d30ea36e35b372e463778e8ad16813236423d53
7e6edea54ce8e20a389520d8987ce05d3b0ad269008dd07de7600ed4b8e8d2ae
7f4b62d09dc30ffd1f6943c722fc053199beca02c3a5962264608d05ec583484
7f9a44771c2088ce273d74602d782522125915870f00d6adee316c0504c80de5
80134ebe636f3f0419855cf356a8e87c286de078b7504c4e1990d62ef7e115c1
8188ec1e8a570a8a90e580d3ecfc1cf7c716669875d5cfa23574730d5d1ffc40
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
851ab1d0997cc0dd8c000ccb7d04106aafa3d5586dd097a74a0805301b8ec95d
8794fbe947f4fea8408fadf27d5b9701c18c3b9f573d8ec7a712fe36c28ca8e9
887bbef2171d49c602ab37b73b95b357191fd804e7f51ba15c15b750126645dd
8a224f5666106a0d1c78951d4dfb964ab63183d044119a68404f7c01c19f951d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ea36d679c5c9dd3d5582d5f55c70ef4d7e3cf8d5360f8c45a637587483f6ee1
8f9e71ad37578a2db5a8e702ba31316a65dc3f36b2883198adab4d8261631483
8f9eb8c6252be15725cfd2b1e8cbf9d17fae9445ac775a4398cff4cbcd98837e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91de3383f4d414607a4246729b96b78eae0baf354f07d1a2bdf053750b644efe
921d1a007ed338c58653674c27ca41d12d93b48d73b77372f28b6fac4fb7894c
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
958ea524788a7b3edbea2733e90ab10e62161108dd25ea0b6758e6ec81cba4cc
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a401c6c6f61a160dcc701972266497637630b0988568f25ca2efcaaa3a432709
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af34b74868f58da2483e0ad87af7bfb087d4fc23ee86139a4fba443bb66e5f
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a691ce0fb054d5f2128394b9ad9c5961d7c0cdc1804bc83d6760df78ee304d7f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8023fe892cbd3328341705e6612e08ea89e1e2395ae9e4a34bdcab7f68dec94
a8c5824bb2413000ac2a6cdb2521f48424469172d3ec0ea1eed7f71c0f11ead7
a9e04d460cd99d565537389bb0621fd8c76e4d09e200e84224b0bfe43226f3f0
abee2ab95491ef1e29b65b7c025f035fc075327c87817750d1149ed782780477
ac7d2fe900025cf93204a654c7e4e5d48d595c99f63f3e937a52c37458b738ce
ac95eb37dcd9efd57fcaf63e86a650288df7f1681b674f6558aacf7fcfc4d464
aca88c77db657855a53897ba6fa046fc402c7cb020a751a8ba9c41cecd6ac150
ae0b2fa6956c5bbeab3ebb80e69bc0d313506fbf6d9a75fdd41d3511d8aeb120
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0bcbd12aa7ab180b87cf82f1e93cd257f500f417fc5f8a1f06ad96c8df354e1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c725050dc585b301493c4668a7a89583269c92bcbc246c5e601782ea8aa3e
b22bb244d60d81ab4d4611b71bc9ad3dabf57d542be4c6dbb895d5bdc72e0e75
b5209a372c57cdeb6ad0ecddbfaebe51c888d03a4456e1da83f22e6ad0a939e5
b53657aad91e8acd57b698f1c870b19257b454563162f6ba5fafd0328de064e9
b68d6252e63c5207f080a8969aa75600d5d252f67d454fd9a0a8a7e3e89d0686
b7f22c16e15e0cd19fdb0c110b67fff7af4a79bd7d58889490b630ef4a3fc58b
ba742f176681a3603b31f011390722e48d49719c69a4d60584fe60bbaf29fb57
bbb05b94711d32b94bf45db19a44a6f68bc361a1374016744bfd911dc43c4e3c
bc612c0463c547f2d209aebf6d513fe30242194a0c14739ac81495248c0c4d66
bc905b60ec328e6967db6be1a6319ab9ca7646d292f9d43bd63baa9e4d478303
bd9072da49e87b2c3688527532eb51a54a6886366915be497e4e2de0c83e5859
be507956ae129681d402d7dbf759ea08548a190301fa54fa2a6286347e64a3b7
c1664f45bc92def41dbd3f8d4bd057e6ce4003b168b33cfafcbca2ae19533209
c3a2c09d4b3a501673a796b19cc25755533ba4c54aaadedc8b8fa4ac41d8f93f
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb0e7e3763aba8d4bab6f43dbe3bdd63c814fec07ed53c0443643871a41ef302
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
ce7c4b304c61ab6f6bc5bc4d333177a66061d1b84c6ee3b0b322ec360f65dcc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd5a04c696bf13721ea7b8d1094c8432135fc5f9d457ecf2c1d80bcf87e2235
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2d5b38dab063f33a17e743518b185ec00efbb4494c46f3b58571dfdc56958fc
d44e385c0fad7008b20e4859ffa28f5bb0290c2870a738f2adcb3b3a1d6880cd
d4b7b283bfebc3217d3674589e8dd557e24471eba105ac32e2352061a64cc2e3
d53983b8a7a627c27b27f485bd6758c1168243d7e30c94d30d86d34f6ac89529
d5f78d77eeffb449e68105d7f5ce8209e7e1e079a50aba03bd9bdd72b6d2b4e3
d807c12f029f4df6967f2f082f63eee8013a45f2125c9201b368bb4bb37f9361
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddcede6dc423a82c6a23bcd3624f799da8710d00831dc72a7e8eda1b4aa08f6a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4c22817bbfbe8cf4693af5efbc6b598e3211dd8ad123ab70c52e67486f2a13
df9c17e851d12c6d0ac0f10c305ebc16f258623f9ebd3dbe1517dab85c2aa515
dfa114ccc40c04812c245ee2bcd1f30a9fa4ec5411cac11a22a4f3163ac9c79a
e2b2134adf52398755a5e6428ee95f6a6f99db6b82530f2b3e964c5be470cfe0
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3af053c9461cab6ac82ebcf749fd62e62421b330ac4ae4dd12558ca0fe43b0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e420fe96fd012b70bc6c29971edde31d417346e6f683936a2fd03b5c454d13c2
e52ce9aedd00c17de0baddbfc8112577c1a48f3d1c8aee25953a53feb7281d7c
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
ea25c23ad0003dc8675fbf7223d08215353d3092c3eaac453c10aaa2d4e55e86
ea7ec71f2e3b1f2017fc4581e0bbd10316de4f475c767d0c2ce5eccb2988db82
ebfd5cc8290373a6b594e340a5c524cc3aace79843dc06232db0d7c05004f408
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ee734b7a7a90aca78f134641a456d1887253a2990eba06fd109bea1cb876e0b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f1f3fd397b3a2fe331f7c691c53f0b577d2cbd2398b84e4c3fc8fcb653570a2a
f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5
f37d4d26f9adb40c5edb56ade0aa60b59d5f5f7bdacab6d34a13b2a3f8e120fc
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f460fd410e3756d5f3759f594033d9ea87ee8897d188eba8c1333874774587f8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b0a6c42f28bad7c4e3c0f8bc589f91b4e13c96220bb091e088294becf603ba
f7d679ac3eacbeb4ab5801b3f1dd63d710fad1c3d44440be04f102adb53a6bcb
f98c3b183a8834fa2303d8c358f62cc42785540dec4bcca3bf682dcd893874bb
f9b09225eeee716c1f859129c051dca496fed4c973a095886bb970b61e01011e
fa1e91b87103157f908a9ee3b3c0eab74ab3c71026f7538071c715a009f73b7a
fa9efa00a715700d9dd94213288ca6924c7057dd521206c6d88b314bf096d788
fb28e529eb48422c4f3150357d137cfa2fba6055291e5e75ad8239da66074888
fe0abf3c4bd85393310780feb423d41c8886c3a9f5f36de8fb9153eacc572d33
ff3ae49d160812d67552eddd8cde0a5b4bae37c20ebdcf47784a74f6f23be809

1plus1.ua Open in urlscan Pro 195.137.240.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

397 Requests

91 %HTTPS

42 %IPv6

56 Domains

94 Subdomains

75 IPs

13 Countries

8495 kBTransfer

16286 kBSize

72 Cookies

28 Outgoing links

Page URL History

Redirected requests

397 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

1plus1.ua Open in urlscan Pro
195.137.240.100 Public Scan

Screenshot
Live screenshot

Full Image

397
Requests

91 %
HTTPS

42 %
IPv6

56
Domains

94
Subdomains

75
IPs

13
Countries

8495 kB
Transfer

16286 kB
Size

72
Cookies

397 HTTP transactions
7 data transactions